shiro-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Lenny Primak <lpri...@hope.nyc.ny.us>
Subject Re: annotations doesn't take effect, please help to have a look
Date Wed, 07 Jun 2017 23:38:42 GMT
Thank you!
I will do so shortly

> On Jun 3, 2017, at 2:09 PM, Tamás Cservenák <tamas@cservenak.net> wrote:
> 
> Lenny,
> 
> I _think_ you can create a PR against this repo:
> https://github.com/apache/shiro-site <https://github.com/apache/shiro-site>
> 
> To have it included in list of integrations.
> 
> HTH,
> T
> 
> On Sat, Jun 3, 2017 at 8:49 PM Lenny Primak <lprimak@hope.nyc.ny.us <mailto:lprimak@hope.nyc.ny.us>>
wrote:
> Thanks!
> I should document it a bit more. It's quite a nice toolset especially the prime faces
data model stuff
> 
> On Jun 3, 2017, at 1:30 PM, Tamás Cservenák <tamas@cservenak.net <mailto:tamas@cservenak.net>>
wrote:
> 
>> Nice work Lenny! 
>> This one should be added to the Shiro Integrations page...
>> 
>> Briaaaaan!
>> 
>> 
>> Thanks,
>> T
>> 
>> On Sat, Jun 3, 2017 at 8:28 PM Lenny Primak <lprimak@hope.nyc.ny.us <mailto:lprimak@hope.nyc.ny.us>>
wrote:
>> Take a look at flowlogix-jee 
>> It integrates with java ee and makes the annotations work
>> 
>> On Jun 3, 2017, at 1:13 PM, Yu Wei <yu2003w@hotmail.com <mailto:yu2003w@hotmail.com>>
wrote:
>> 
>>> I also noticed that jersey is not officially supported.
>>> 
>>> Currently I have a web service written with jersey, and need to secure it.
>>> 
>>> However, shiro-jersey is not updated for almost 3 years and shiro version supported
is 1.2.3.
>>> 
>>> 
>>> I'm looking for other solutions.
>>> 
>>> 
>>> Any advice?
>>> 
>>> Thanks,
>>> 
>>> Jared, (韦煜)
>>> Software developer
>>> Interested in open source software, big data, Linux
>>> From: Tamás Cservenák <tamas@cservenak.net <mailto:tamas@cservenak.net>>
>>> Sent: Sunday, June 4, 2017 2:06:51 AM
>>> To: user@shiro.apache.org <mailto:user@shiro.apache.org>
>>> Subject: Re: annotations doesn't take effect, please help to have a look
>>>  
>>> Hi there,
>>> 
>>> and how did you integrate shiro annotations? For those to be picked up, you should
use either guice, spring or some "home made" thing...
>>> 
>>> https://shiro.apache.org/java-annotations.html <https://shiro.apache.org/java-annotations.html>
>>> 
>>> From "integrations" page
>>> https://shiro.apache.org/integration.html <https://shiro.apache.org/integration.html>
>>> For Jersey, it enlists this
>>> https://github.com/silb/shiro-jersey <https://github.com/silb/shiro-jersey>
>>> 
>>> Thanks,
>>> T
>>> 
>>> On Sat, Jun 3, 2017 at 7:54 PM Yu Wei <yu2003w@hotmail.com <mailto:yu2003w@hotmail.com>>
wrote:
>>> I'm using jersey. 
>>> shiro version is 1.2.3.
>>> 
>>> Thanks,
>>> 
>>> Jared, (韦煜)
>>> Software developer
>>> Interested in open source software, big data, Linux
>>> From: Laszlo Hornyak <laszlo.hornyak@gmail.com <mailto:laszlo.hornyak@gmail.com>>
>>> Sent: Sunday, June 4, 2017 1:41:51 AM
>>> To: user@shiro.apache.org <mailto:user@shiro.apache.org>
>>> Subject: Re: annotations doesn't take effect, please help to have a look
>>>  
>>> Hi Yu,
>>> 
>>> What version of shiro do you use? Are you using the rest resources with spring?
>>> 
>>> Best regards,
>>> Laszlo
>>> 
>>> On Sat, Jun 3, 2017 at 7:23 PM, Yu Wei <yu2003w@hotmail.com <mailto:yu2003w@hotmail.com>>
wrote:
>>> Hi guys,
>>> 
>>> I tried to use annotations for authentication/authorization. However, it doesn't
work as expected.
>>> 
>>> Below is shiro.ini,
>>> 
>>> 
>>> [main]
>>> 
>>> # basic authentication 
>>> authc = org.apache.shiro.web.filter.authc.PassThruAuthenticationFilter
>>> 
>>> # password matcher
>>> pwMatcher = org.apache.shiro.authc.credential.PasswordMatcher
>>> pwService = org.apache.shiro.authc.credential.DefaultPasswordService
>>> pwMatcher.passwordService = $pwService
>>> 
>>> # data source configuration, using JndiObjectFactory to look up the attributes

>>> datasrc = org.apache.shiro.jndi.JndiObjectFactory
>>> datasrc.requiredType = javax.sql.DataSource
>>> datasrc.resourceName = mysql/ustudy
>>> datasrc.resourceRef = true
>>> 
>>> realm = org.apache.shiro.realm.jdbc.JdbcRealm
>>> realm.permissionsLookupEnabled = true
>>> realm.dataSource = $datasrc
>>> realm.authenticationQuery = select usr_passwd from sec_users where loginname
= ?
>>> realm.credentialsMatcher = $pwMatcher
>>> 
>>> securityManager.realms = $realm
>>> 
>>> [users]
>>> 
>>> [roles]
>>> 
>>> [urls]
>>> /services/info/list/** = authc, roles[admin]
>>> /services/info/add/** = authcBasic, roles[admin]
>>> /services/info/update/** = authcBasic, roles[admin]
>>> /services/info/delete/** = authcBasic, roles[admin]
>>> 
>>> 
>>> In servlet app, one method handle http request is as following,
>>> 
>>> 
>>>     @GET
>>>     @RequiresAuthentication
>>>     @RequiresPermissions("list:view")
>>>     @Path("list/{type}/{id}")
>>>     @Produces(MediaType.APPLICATION_JSON)
>>>     public Response getList()
>>> 
>>> 
>>> It seems that @RequiresAuthentication and @RequiresPermissions("list:view") do
not take effect.
>>> 
>>> 
>>> Do I misunderstand anything? Or any error in my code?
>>> 
>>> 
>>> Thanks,
>>> 
>>> Jared, (韦煜)
>>> Software developer
>>> Interested in open source software, big data, Linux
>>> 
>>> 
>>> 
>>> -- 
>>> 
>>> EOF
>>> -- 
>>> Thanks,
>>> ~t~
>>> 
>> 
>> -- 
>> Thanks,
>> ~t~
>> 
> 
> -- 
> Thanks,
> ~t~
> 


Mime
View raw message