shiro-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Debashis Ghosh <debashis...@gmail.com>
Subject rest, glassfish4 shiro enabled working sample
Date Wed, 06 Aug 2014 14:52:07 GMT
I am new to javaee development. I am trying to build a javaee application in
which rest services residing on Glassfish4 will be invoked by mobile
clients. I came across apache shiro framework on the web for authentication
and authorization. I would like to secure the services using shiro. For the
time being I am trying to configure basic authentication with some hard
coded users to gain confidence. My final goal is to move the user store to a
database.

Following the apache shiro tutorial I configured my web.xml and shiro.ini.

1) But somehow the rest services are still open and I can invoke them
without any password. is shiro.ini not getting loaded properly in my
application ?

2) In future I will have multiple rest services from multiple applications,
so I will need to configure shiro for all of them too ? Is there no way to
handle authentication, authorization of multiple webapp using single shiro
config ?

3) If you have a similar working sample please point me to that.

Project location

URL :  https://github.com/debashisgho/MyApp/
<https://github.com/debashisgho/MyApp/>  

I can get the resource data without using any user/pwd

  http://localhost:8080/MyApp/rest/MyResource
<http://localhost:8080/MyApp/rest/MyResource>  
I am sure that I have not configured it properly. Need help to find out what
is missing.



--
View this message in context: http://shiro-user.582556.n2.nabble.com/rest-glassfish4-shiro-enabled-working-sample-tp7580135.html
Sent from the Shiro User mailing list archive at Nabble.com.

Mime
View raw message