shiro-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Lenny Primak <lpri...@hope.nyc.ny.us>
Subject Re: annotations doesn't take effect, please help to have a look
Date Sun, 04 Jun 2017 01:20:33 GMT
If by Jersey you mean Jax-RS, than if you put flowlogix-jee as a dependency the annotations
should work as designed.
This was tested in most of the Java EE -compliant application servers (i.e. Payara)

> On Jun 3, 2017, at 8:17 PM, Yu Wei <yu2003w@hotmail.com> wrote:
> 
> Hi Lenny,
> Is there any example to show how flowgix-jee work with jersey application?
> Thx,
> Jared
> Interested in cloud computing,big data processing,linux
> 
> 2017年6月4日 02:28于 Lenny Primak <lprimak@hope.nyc.ny.us>写道:
> Take a look at flowlogix-jee 
> It integrates with java ee and makes the annotations work
> 
> On Jun 3, 2017, at 1:13 PM, Yu Wei <yu2003w@hotmail.com <mailto:yu2003w@hotmail.com>>
wrote:
> 
>> I also noticed that jersey is not officially supported.
>> 
>> Currently I have a web service written with jersey, and need to secure it.
>> 
>> However, shiro-jersey is not updated for almost 3 years and shiro version supported
is 1.2.3.
>> 
>> 
>> I'm looking for other solutions.
>> 
>> 
>> Any advice?
>> 
>> Thanks,
>> 
>> Jared, (韦煜)
>> Software developer
>> Interested in open source software, big data, Linux
>> From: Tamás Cservenák <tamas@cservenak.net <mailto:tamas@cservenak.net>>
>> Sent: Sunday, June 4, 2017 2:06:51 AM
>> To: user@shiro.apache.org <mailto:user@shiro.apache.org>
>> Subject: Re: annotations doesn't take effect, please help to have a look
>>  
>> Hi there,
>> 
>> and how did you integrate shiro annotations? For those to be picked up, you should
use either guice, spring or some "home made" thing...
>> 
>> https://shiro.apache.org/java-annotations.html <https://shiro.apache.org/java-annotations.html>
>> 
>> From "integrations" page
>> https://shiro.apache.org/integration.html <https://shiro.apache.org/integration.html>
>> For Jersey, it enlists this
>> https://github.com/silb/shiro-jersey <https://github.com/silb/shiro-jersey>
>> 
>> Thanks,
>> T
>> 
>> On Sat, Jun 3, 2017 at 7:54 PM Yu Wei <yu2003w@hotmail.com <mailto:yu2003w@hotmail.com>>
wrote:
>> I'm using jersey. 
>> shiro version is 1.2.3.
>> 
>> Thanks,
>> 
>> Jared, (韦煜)
>> Software developer
>> Interested in open source software, big data, Linux
>> From: Laszlo Hornyak <laszlo.hornyak@gmail.com <mailto:laszlo.hornyak@gmail.com>>
>> Sent: Sunday, June 4, 2017 1:41:51 AM
>> To: user@shiro.apache.org <mailto:user@shiro.apache.org>
>> Subject: Re: annotations doesn't take effect, please help to have a look
>>  
>> Hi Yu,
>> 
>> What version of shiro do you use? Are you using the rest resources with spring?
>> 
>> Best regards,
>> Laszlo
>> 
>> On Sat, Jun 3, 2017 at 7:23 PM, Yu Wei <yu2003w@hotmail.com <mailto:yu2003w@hotmail.com>>
wrote:
>> Hi guys,
>> 
>> I tried to use annotations for authentication/authorization. However, it doesn't
work as expected.
>> 
>> Below is shiro.ini,
>> 
>> 
>> [main]
>> 
>> # basic authentication 
>> authc = org.apache.shiro.web.filter.authc.PassThruAuthenticationFilter
>> 
>> # password matcher
>> pwMatcher = org.apache.shiro.authc.credential.PasswordMatcher
>> pwService = org.apache.shiro.authc.credential.DefaultPasswordService
>> pwMatcher.passwordService = $pwService
>> 
>> # data source configuration, using JndiObjectFactory to look up the attributes 
>> datasrc = org.apache.shiro.jndi.JndiObjectFactory
>> datasrc.requiredType = javax.sql.DataSource
>> datasrc.resourceName = mysql/ustudy
>> datasrc.resourceRef = true
>> 
>> realm = org.apache.shiro.realm.jdbc.JdbcRealm
>> realm.permissionsLookupEnabled = true
>> realm.dataSource = $datasrc
>> realm.authenticationQuery = select usr_passwd from sec_users where loginname = ?
>> realm.credentialsMatcher = $pwMatcher
>> 
>> securityManager.realms = $realm
>> 
>> [users]
>> 
>> [roles]
>> 
>> [urls]
>> /services/info/list/** = authc, roles[admin]
>> /services/info/add/** = authcBasic, roles[admin]
>> /services/info/update/** = authcBasic, roles[admin]
>> /services/info/delete/** = authcBasic, roles[admin]
>> 
>> 
>> In servlet app, one method handle http request is as following,
>> 
>> 
>>     @GET
>>     @RequiresAuthentication
>>     @RequiresPermissions("list:view")
>>     @Path("list/{type}/{id}")
>>     @Produces(MediaType.APPLICATION_JSON)
>>     public Response getList()
>> 
>> 
>> It seems that @RequiresAuthentication and @RequiresPermissions("list:view") do not
take effect.
>> 
>> 
>> Do I misunderstand anything? Or any error in my code?
>> 
>> 
>> Thanks,
>> 
>> Jared, (韦煜)
>> Software developer
>> Interested in open source software, big data, Linux
>> 
>> 
>> 
>> -- 
>> 
>> EOF
>> -- 
>> Thanks,
>> ~t~
>> 


Mime
View raw message