Re: Pax Web/Wicket security with Apache Shiro (shiro-web?) example

Mon, 29 Oct 2012 11:25:41 -0700 

Hi Hendy,

I'm using Apache Shiro in my application, while working on the integration
I was working on a sample project for this but never found the time to
really finish the sample project but you can find the it on GitHub [1].

Kind regards,
Bram Pouwelse


[1]:
https://github.com/brampouwelse/org.ops4j.pax.wicket/tree/master/samples/apache-shiro

2012/10/29 Hendy Irawan <[email protected]>

> Hi,
>
> Is there an example demonstrating securing a web application hosted in Pax
> Web/Karaf using Apache Shiro?
> (I use Pax Wicket, but I presume this applies to any Pax Web app?)
>
> Should I use shiro-core or shiro-web ?
>
> Shiro Karaf feature is available
> at mvn:org.apache.shiro/shiro-features/1.2.1/xml/features so installing it
> is easy, but I am confused how to use it..
>
> i tried something like :
>
> private transient Logger log = LoggerFactory.getLogger(LoginPage.class);
> private final LoginFormModel loginFormModel = new LoginFormModel();
> private transient final Subject currentUser;
>
> public LoginPage() {
>  super();
>
> Ini ini = new Ini();
>  ini.load(LoginPage.class.getResourceAsStream("default.realm.ini"));
> IniRealm defaultRealm = new IniRealm(ini);
>  SecurityUtils.setSecurityManager(new DefaultWebSecurityManager(
> defaultRealm));
>  currentUser = SecurityUtils.getSubject();
> add(new Label("currentUser", String.valueOf(currentUser.getPrincipal())));
>
> final Form<LoginFormModel> loginForm = new
> Form<LoginFormModel>("loginForm", new
> Model<LoginFormModel>(loginFormModel));
>  add(loginForm);
> loginForm.add(new TextField<String>("username", new
> PropertyModel<String>(loginFormModel , "username")));
>  loginForm.add(new PasswordTextField("password", new
> PropertyModel<String>(loginFormModel , "password")));
>  loginForm.add(new CheckBox("rememberMe", new
> PropertyModel<Boolean>(loginFormModel, "rememberMe")));
>  loginForm.add(new AjaxButton("login") {
> @Override
>  protected void onSubmit(AjaxRequestTarget target, Form<?> form) {
> log.info("Processing {}", loginFormModel);
>  target.add(feedbackPanel);
> currentUser.login(new UsernamePasswordToken(loginFormModel
>  .getUsername(), loginFormModel.getPassword()
> .toCharArray()));
>  super.onSubmit(target, form);
> }
>  @Override
>  protected void onError(AjaxRequestTarget target, Form<?> form) {
> target.add(feedbackPanel);
>  super.onError(target, form);
> }
>  });
> }
>
> But got:
>
> Unexpected RuntimeException
>
> Last cause: SessionContext must be an HTTP compatible implementation.
> WicketMessage: Method onRequest of interface 
> org.apache.wicket.behavior.IBehaviorListener targeted at 
> org.apache.wicket.ajax.markup.html.form.AjaxButton$1 {event='onclick'} on 
> component [ [Component id = login]] threw an exception
>
>  Stacktrace
>
> Root cause:
>
> java.lang.IllegalArgumentException: SessionContext must be an HTTP compatible 
> implementation.
>
>
>      at 
> org.apache.shiro.web.session.mgt.ServletContainerSessionManager.createSession(ServletContainerSessionManager.java:103)
>      at 
> org.apache.shiro.web.session.mgt.ServletContainerSessionManager.start(ServletContainerSessionManager.java:64)
>
>
>      at 
> org.apache.shiro.mgt.SessionsSecurityManager.start(SessionsSecurityManager.java:121)
>      at 
> org.apache.shiro.subject.support.DelegatingSubject.getSession(DelegatingSubject.java:336)
>      at 
> org.apache.shiro.subject.support.DelegatingSubject.getSession(DelegatingSubject.java:312)
>
>
>      at 
> org.apache.shiro.mgt.DefaultSubjectDAO.mergePrincipals(DefaultSubjectDAO.java:182)
>      at 
> org.apache.shiro.mgt.DefaultSubjectDAO.saveToSession(DefaultSubjectDAO.java:163)
>      at 
> org.apache.shiro.mgt.DefaultSubjectDAO.save(DefaultSubjectDAO.java:144)
>
>
>      at 
> org.apache.shiro.mgt.DefaultSecurityManager.save(DefaultSecurityManager.java:383)
>      at 
> org.apache.shiro.mgt.DefaultSecurityManager.createSubject(DefaultSecurityManager.java:350)
>      at 
> org.apache.shiro.mgt.DefaultSecurityManager.createSubject(DefaultSecurityManager.java:183)
>
>
>      at 
> org.apache.shiro.mgt.DefaultSecurityManager.login(DefaultSecurityManager.java:283)
>      at 
> org.apache.shiro.subject.support.DelegatingSubject.login(DelegatingSubject.java:256)
>      at org.soluvas.web.login.LoginPage$1.onSubmit(LoginPage.java:56)
>
>
>
> --
> Hendy Irawan - on Twitter <http://twitter.com/hendybippo> - on 
> LinkedIn<http://id.linkedin.com/in/hendyirawan>
> Web Developer | Bippo Indonesia <http://www.bippo.co.id/> | Akselerator
> Bisnis | Bandung
>
>
> _______________________________________________
> general mailing list
> [email protected]
> http://lists.ops4j.org/mailman/listinfo/general
>
>

_______________________________________________
general mailing list
[email protected]
http://lists.ops4j.org/mailman/listinfo/general

Reply via email to