shiro-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From lev <dilraj.si...@amdocs.com>
Subject Re: REST or remote client authentication :very very important
Date Thu, 03 Dec 2009 14:03:45 GMT

Thank you Narcom for sharing your valueable work, I in deed feel grateful to
you for such a help.

looks like you have implemented a good sample app in this domain.

can I get your project code anyway? it will be great help to many people who
want to kick start with shiro.

I can give you my personal email if you want.



Narcom wrote:
> 
> first I took exaple from Siro dist - web+spring. But it really worked only
> for web auth. so I modified it a little.
> 
> I added separete servlet/bean to responsible for login
> this is my spring config for login bean
> <bean id="loginManager" class="com.springbook.LoginManagerBean">
>         <property name="ehCacheManager" ref="cacheManager"/>
>     </bean>
>     <bean name="/login"
> class="org.springframework.remoting.httpinvoker.HttpInvokerServiceExporter">
>         <property name="service" ref="loginManager"/>
>         <property name="serviceInterface"
> value="com.springbook.LoginManagerRemote"/>
>         <property name="remoteInvocationExecutor"
> ref="secureRemoteInvocationExecutor"/>
>     </bean>
> 
>     <bean name="/secure/sampleManager"
> class="org.springframework.remoting.httpinvoker.HttpInvokerServiceExporter">
>         <property name="service" ref="sampleManager"/>
>         <property name="serviceInterface"
> value="my.samples.shiro.spring.SampleManager"/>
>         <property name="remoteInvocationExecutor"
> ref="secureRemoteInvocationExecutor"/>
>     </bean>
> 
> this my spring client config
> <bean id="loginManager"
>        
> class="org.springframework.remoting.httpinvoker.HttpInvokerProxyFactoryBean">
>         <property name="serviceUrl"
> value="http://localhost:8084/SpringRemoting/remoting/login"/>
>         <property name="serviceInterface"
> value="com.springbook.LoginManagerRemote"/>
>         <property name="remoteInvocationFactory"
> ref="secureRemoteInvocationFactory"/>
>     </bean>
> 
>     <bean id="sampleManager"
>        
> class="org.springframework.remoting.httpinvoker.HttpInvokerProxyFactoryBean">
>         <property name="serviceUrl"
> value="http://localhost:8084/SpringRemoting/remoting/secure/sampleManager"/>
>         <property name="serviceInterface"
> value="my.samples.shiro.spring.SampleManager"/>
>         <property name="remoteInvocationFactory"
> ref="secureRemoteInvocationFactory"/>
>     </bean>
> 
>     <!--bean id="secureRemoteInvocationFactory"
>         class="my.samples.shiro.spring.SecureRemoteInvocationFactory"/-->
> 
>     <bean id="secureRemoteInvocationFactory"
>        
> class="org.apache.shiro.spring.remoting.SecureRemoteInvocationFactory"/>
> 
> If you'd like change serialization to hessian.
> make sure that you switch session mode to "native"
> it works as follow:
> 1. I use "loginManager" bean to login. make sure that it is not under
> Shiro web security filter.
> 2. then get new generated session to call secure methods in
> "sampleManager"
> 
> 
> I think it is better to configure ehCahe. to configure it you could look
> at my previous posts
> for example this:
> http://n2.nabble.com/Web-Spring-EhCache-how-to-change-default-cache-name-tp4063126p4096087.html
> 
> 
> 
> 

-- 
View this message in context: http://n2.nabble.com/REST-or-remote-client-authentication-very-very-important-tp4101242p4106224.html
Sent from the Shiro User mailing list archive at Nabble.com.

Mime
View raw message