Thank you Bram, I'll have a look at it. :)
Hendy On Tue, Oct 30, 2012 at 1:24 AM, Bram Pouwelse <b...@pouwelse.com> wrote: > Hi Hendy, > > I'm using Apache Shiro in my application, while working on the integration > I was working on a sample project for this but never found the time to > really finish the sample project but you can find the it on GitHub [1]. > > Kind regards, > Bram Pouwelse > > > [1]: > https://github.com/brampouwelse/org.ops4j.pax.wicket/tree/master/samples/apache-shiro > > 2012/10/29 Hendy Irawan <he...@soluvas.com> > >> Hi, >> >> Is there an example demonstrating securing a web application hosted in >> Pax Web/Karaf using Apache Shiro? >> (I use Pax Wicket, but I presume this applies to any Pax Web app?) >> >> Should I use shiro-core or shiro-web ? >> >> Shiro Karaf feature is available >> at mvn:org.apache.shiro/shiro-features/1.2.1/xml/features so installing it >> is easy, but I am confused how to use it.. >> >> i tried something like : >> >> private transient Logger log = LoggerFactory.getLogger(LoginPage.class); >> private final LoginFormModel loginFormModel = new LoginFormModel(); >> private transient final Subject currentUser; >> >> public LoginPage() { >> super(); >> >> Ini ini = new Ini(); >> ini.load(LoginPage.class.getResourceAsStream("default.realm.ini")); >> IniRealm defaultRealm = new IniRealm(ini); >> SecurityUtils.setSecurityManager(new DefaultWebSecurityManager( >> defaultRealm)); >> currentUser = SecurityUtils.getSubject(); >> add(new Label("currentUser", String.valueOf(currentUser.getPrincipal()))); >> >> final Form<LoginFormModel> loginForm = new >> Form<LoginFormModel>("loginForm", new >> Model<LoginFormModel>(loginFormModel)); >> add(loginForm); >> loginForm.add(new TextField<String>("username", new >> PropertyModel<String>(loginFormModel , "username"))); >> loginForm.add(new PasswordTextField("password", new >> PropertyModel<String>(loginFormModel , "password"))); >> loginForm.add(new CheckBox("rememberMe", new >> PropertyModel<Boolean>(loginFormModel, "rememberMe"))); >> loginForm.add(new AjaxButton("login") { >> @Override >> protected void onSubmit(AjaxRequestTarget target, Form<?> form) { >> log.info("Processing {}", loginFormModel); >> target.add(feedbackPanel); >> currentUser.login(new UsernamePasswordToken(loginFormModel >> .getUsername(), loginFormModel.getPassword() >> .toCharArray())); >> super.onSubmit(target, form); >> } >> @Override >> protected void onError(AjaxRequestTarget target, Form<?> form) { >> target.add(feedbackPanel); >> super.onError(target, form); >> } >> }); >> } >> >> But got: >> >> Unexpected RuntimeException >> >> Last cause: SessionContext must be an HTTP compatible implementation. >> WicketMessage: Method onRequest of interface >> org.apache.wicket.behavior.IBehaviorListener targeted at >> org.apache.wicket.ajax.markup.html.form.AjaxButton$1 {event='onclick'} on >> component [ [Component id = login]] threw an exception >> >> >> Stacktrace >> >> Root cause: >> >> java.lang.IllegalArgumentException: SessionContext must be an HTTP >> compatible implementation. >> >> >> >> at >> org.apache.shiro.web.session.mgt.ServletContainerSessionManager.createSession(ServletContainerSessionManager.java:103) >> at >> org.apache.shiro.web.session.mgt.ServletContainerSessionManager.start(ServletContainerSessionManager.java:64) >> >> >> >> at >> org.apache.shiro.mgt.SessionsSecurityManager.start(SessionsSecurityManager.java:121) >> at >> org.apache.shiro.subject.support.DelegatingSubject.getSession(DelegatingSubject.java:336) >> at >> org.apache.shiro.subject.support.DelegatingSubject.getSession(DelegatingSubject.java:312) >> >> >> >> at >> org.apache.shiro.mgt.DefaultSubjectDAO.mergePrincipals(DefaultSubjectDAO.java:182) >> at >> org.apache.shiro.mgt.DefaultSubjectDAO.saveToSession(DefaultSubjectDAO.java:163) >> at >> org.apache.shiro.mgt.DefaultSubjectDAO.save(DefaultSubjectDAO.java:144) >> >> >> >> at >> org.apache.shiro.mgt.DefaultSecurityManager.save(DefaultSecurityManager.java:383) >> at >> org.apache.shiro.mgt.DefaultSecurityManager.createSubject(DefaultSecurityManager.java:350) >> at >> org.apache.shiro.mgt.DefaultSecurityManager.createSubject(DefaultSecurityManager.java:183) >> >> >> >> at >> org.apache.shiro.mgt.DefaultSecurityManager.login(DefaultSecurityManager.java:283) >> at >> org.apache.shiro.subject.support.DelegatingSubject.login(DelegatingSubject.java:256) >> at org.soluvas.web.login.LoginPage$1.onSubmit(LoginPage.java:56) >> >> >> >> -- >> Hendy Irawan - on Twitter <http://twitter.com/hendybippo> - on >> LinkedIn<http://id.linkedin.com/in/hendyirawan> >> Web Developer | Bippo Indonesia <http://www.bippo.co.id/> | Akselerator >> Bisnis | Bandung >> >> >> _______________________________________________ >> general mailing list >> general@lists.ops4j.org >> http://lists.ops4j.org/mailman/listinfo/general >> >> > > _______________________________________________ > general mailing list > general@lists.ops4j.org > http://lists.ops4j.org/mailman/listinfo/general > > -- Hendy Irawan - on Twitter <http://twitter.com/hendybippo> - on LinkedIn<http://id.linkedin.com/in/hendyirawan> Web Developer | Bippo Indonesia <http://www.bippo.co.id/> | Akselerator Bisnis | Bandung
_______________________________________________ general mailing list general@lists.ops4j.org http://lists.ops4j.org/mailman/listinfo/general