How do you imagine Apache Shiro hooks into the Dropwizard request lifecycle? Have you reviewed Dropwizard's authentication documentation?
In general, this sort of post is unlikely to receive many useful responses, because it requires knowing about both Dropwizard and Shiro. If DW has been configured to invoke Shiro, then the logs would be a good place to turn for more information. I will note that Dropwizard's model is reasonably straightforward and extensible, having authored extensions for it to perform authentication using basic, SSL client certificate, JWT, and OAuth strategies, even allowing CORS for some but not all of these.

On Sunday, May 20, 2018 at 1:13:05 PM UTC-4, Tales Ruan wrote:
>
> Hello!
>
> I know this is an old post, but did you find a solution for your problem?
> I'm facing the exact same issue.
>
> I'm getting desperate as I can't find a solution anywhere.
>
>
> On Wednesday, 2 August 2017 12:12:04 UTC-3, [email protected] wrote:
>>
>> Hi,
>>
>> My dropwizard has been setup with Shiro for authentication. I am
>> currently sending requests from a different port to my dropwizard service
>> but I get a *HTTP 401 Unauthorized status error.*
>>
>> My dropwizard application is hosted on
>> http://localhost:8199/api/konak/orders and my angular application is
>> being launched from http://localhost:4200
>>
>> Below are some details regarding my setup. Please let me know if you need
>> any further information.
>>
>>
>> *HTTP Request-Response where I get 401 Unauthorized error*
>>
>> *General*
>>
>> Request URL:http://localhost:8199/api/konak/reconciliations
>> Request Method:GET
>> Status Code:401 Unauthorized
>> Remote Address:[::1]:8199
>> Referrer Policy:no-referrer-when-downgrade
>>
>> *Request Headers*
>>
>> Content-Length:0
>> Date:Wed, 02 Aug 2017 13:17:49 GMT
>> WWW-Authenticate:BASIC realm="application"
>>
>> *Request Headers*
>>
>> Accept:application/json, text/plain, */*
>> Accept-Encoding:gzip, deflate, br
>> Accept-Language:en-GB,en-US;q=0.8,en;q=0.6
>> Connection:keep-alive
>> Host:localhost:8199
>> Origin:http://localhost:4200
>> Referer:http://localhost:4200/konak-dashboard
>> User-Agent:Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.78 Safari/537.3
>>
>>
>> *Below is my shiro.ini file.*
>>
>> # Use SSO
>> contextFactory = org.apache.shiro.realm.ldap.JndiLdapContextFactory
>> contextFactory.url = ldap://<hidden-ldap-config>
>> contextFactory.systemUsername = svc-gitlab
>> contextFactory.systemPassword = xxxxxxxxxxxx
>>
>> ldapRealm = org.apache.shiro.realm.ldap.JndiLdapRealm
>> ldapRealm.userDnTemplate = {0}<@company.domain>
>> ldapRealm.contextFactory = $contextFactory
>>
>> allowAllCredentialsMatcher=org.apache.shiro.authc.credential.AllowAllCredentialsMatcher
>>
>> authenticationStrategy = org.apache.shiro.authc.pam.AllSuccessfulStrategy
>> securityManager.authenticator.authenticationStrategy = $authenticationStrategy
>>
>> waffleRealmSSO = waffle.shiro.negotiate.NegotiateAuthenticationRealm
>> waffleUserPass = waffle.shiro.GroupMappingWaffleRealm
>> waffleFilter = waffle.shiro.negotiate.NegotiateAuthenticationFilter
>>
>> securityManager.realms= $waffleRealmSSO, $ldapRealm
>>
>> # Use the configured native session manager:
>> sessionManager = org.apache.shiro.web.session.mgt.DefaultWebSessionManager
>> securityManager.sessionManager = $sessionManager
>> # the following call is only necessary in a web-configured ShiroFilter (otherwise
>> # a native session manager is already enabled):
>> securityManager.sessionMode = native
>>
>> # cookie for single sign on
>> cookie = org.apache.shiro.web.servlet.SimpleCookie
>> cookie.name = SSOcookie
>> cookie.path = /
>> securityManager.sessionManager.sessionIdCookie = $cookie
>>
>> authcStrategy = waffle.shiro.negotiate.NegotiateAuthenticationStrategy
>> securityManager.authenticator.authenticationStrategy = $authcStrategy
>>
>> [urls]
>> /** = port[8199], authcBasic, noSessionCreation
>>
>>
>>
>> *CORS Filter*
>>
>> I have setup my CORS filter as follows in my dropwizard application
>>
>> private void enableCorsHeaders(Environment env) {
>>     final FilterRegistration.Dynamic corsFilter =
>>         env.servlets().addFilter("CrossOriginFilter", CrossOriginFilter.class);
>>
>>     corsFilter.setInitParameter("Access-Header", "true");
>>     corsFilter.setInitParameter("Access-Control-Allow-Credentials", "true");
>>     corsFilter.setInitParameter("Access-Control-Allow-Origin", "http://localhost:4200");
>>     corsFilter.setInitParameter("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept, Access-Control-Request-Headers, Access-Control-Request-Method, Cache-Control, Pragma, Expires");
>>     corsFilter.setInitParameter("Access-Control-Allow-Methods\" ", "OPTIONS,GET,PUT,POST,DELETE,HEAD");
>>     corsFilter.setInitParameter("allowedOrigins", "*");
>>     corsFilter.setInitParameter("allowedHeaders", "X-Requested-With,Content-Type,Accept,Origin");
>>     corsFilter.setInitParameter("allowedMethods", "OPTIONS,GET,PUT,POST,DELETE,HEAD");
>>     corsFilter.setInitParameter(CrossOriginFilter.CHAIN_PREFLIGHT_PARAM, Boolean.FALSE.toString());
>>
>>     // Add URL mapping
>>     corsFilter.addMappingForUrlPatterns(EnumSet.of(DispatcherType.REQUEST), true, "/*");
>> }
>>
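The following is an added example, not code from the thread or from the Dropwizard or Shiro projects: a tightened version of the quoted CORS registration that uses only the init parameters Jetty's CrossOriginFilter defines. It assumes the Angular dev server at http://localhost:4200 is the only browser origin that should be admitted, that the client sends Basic credentials in an Authorization header, and that Shiro is registered as a servlet filter in the same context; the class name CorsSetup is hypothetical.

```java
import java.util.EnumSet;

import javax.servlet.DispatcherType;
import javax.servlet.FilterRegistration;

import org.eclipse.jetty.servlets.CrossOriginFilter;

import io.dropwizard.setup.Environment;

public final class CorsSetup {            // hypothetical class name
    // Assumption: the single browser origin taken from the thread.
    private static final String ALLOWED_ORIGIN = "http://localhost:4200";

    private CorsSetup() {}

    public static void enableCorsHeaders(Environment env) {
        final FilterRegistration.Dynamic cors =
                env.servlets().addFilter("CrossOriginFilter", CrossOriginFilter.class);

        // CrossOriginFilter reads only its own init parameters. Response
        // header names such as "Access-Control-Allow-Origin" are not among
        // them, so passing those as init parameters changes nothing.
        // Name the origin explicitly: "*" admits every origin, which is not
        // wanted together with allowCredentials=true.
        cors.setInitParameter(CrossOriginFilter.ALLOWED_ORIGINS_PARAM, ALLOWED_ORIGIN);
        cors.setInitParameter(CrossOriginFilter.ALLOWED_METHODS_PARAM,
                "OPTIONS,GET,PUT,POST,DELETE,HEAD");
        // Authorization has to be listed, otherwise the preflight for a
        // request that carries Basic credentials is refused.
        cors.setInitParameter(CrossOriginFilter.ALLOWED_HEADERS_PARAM,
                "X-Requested-With,Content-Type,Accept,Origin,Authorization");
        cors.setInitParameter(CrossOriginFilter.ALLOW_CREDENTIALS_PARAM, "true");
        // Answer the preflight OPTIONS here. Browsers send no credentials
        // on a preflight, so handing it on to authcBasic would yield a 401.
        cors.setInitParameter(CrossOriginFilter.CHAIN_PREFLIGHT_PARAM,
                Boolean.FALSE.toString());

        // isMatchAfter=false maps this filter ahead of filters that are
        // already declared, so the CORS handling runs before authentication.
        cors.addMappingForUrlPatterns(EnumSet.of(DispatcherType.REQUEST), false, "/*");
    }
}
```

The captured GET in the thread shows no Authorization header, so a rule of `authcBasic` on `/**` would still answer 401 until the client actually sends credentials.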
