subject:"Shiro Guice \- Requires annotations are ignored\/unprocessed"

Re: Shiro Guice - Requires annotations are ignored/unprocessed

2018-04-13 Thread Brian Demers

I'm guessing your GuiceTest isn't getting picked up by any AOP processing.
It is likely just still a POJO at that time when you call your methods.
IIRC, if you move those annotated methods to a guice component they will
start to work.

On Fri, Apr 13, 2018 at 9:31 AM, Ken Han  wrote:

> I'm experimenting with Shiro + Guice with the goal of using them to
> implement
> an authorization service in a jsf web application. But I'm having trouble
> with getting the @RequiresRoles and @RequiresPermissions to actually work.
> It looks like they are being ignored.
>
> My shiro module looks like this:
>
>
> public class MyShiroModule extends ShiroModule {
>
> private final String DUKE_ROLE = "duke";
>
> private final DomainPermission DUKE_PERMISSION = new
> DomainPermission("duking");
>
> @Override
> protected void configureShiro() {
> MySimpleAccountRealm simpleAccountRealm = new
> MySimpleAccountRealm("Feudal realm");
>
> Set duke_permissions = new HashSet<>();
> duke_permissions.add(DUKE_PERMISSION);
>
> SimpleRole duke = new SimpleRole(DUKE_ROLE, duke_permissions);
>
> simpleAccountRealm.addAccount("kenzo", "atreides", duke);
>
> bindRealm().toInstance(simpleAccountRealm);
> }
> }
>
>
>
> As you can see I've created my own Realm and added a user with a sing role
> and permission. I've created an extension of the SimpleAccountRealm because
> I wanted to add roles with permissions to an account.
>
> MySimpleAccountRealm looks like this:
>
>
> public class MySimpleAccountRealm extends SimpleAccountRealm {
>
> public MySimpleAccountRealm(String name) {
> super(name);
> }
>
> public void addAccount(String username, String password, SimpleRole...
> roles) {
> //Get all the role names from the roles array
> Set roleNames =
> Arrays.stream(roles).map(SimpleRole::getName).collect(Collectors.toSet());
>
> //Get every permission from the roles
> Set permissions = new HashSet<>();
> Arrays.stream(roles).forEach(r ->
> permissions.addAll(r.getPermissions()));
>
> SimpleAccount account = new SimpleAccount(username, password,
> getName(),
> roleNames, permissions);
> add(account);
> }
> }
>
>
>
> I have a simple Main class:
>
>
> public class Main {
> public static void main(String[] args) {
> GuiceTest test = new GuiceTest();
> test.gogo();
> }
> }
>
>
>
> My test class looks like:
>
>
> public class GuiceTest {
> private Injector injector;
> private SecurityManager securityManager;
>
> public GuiceTest() {
> injector = Guice.createInjector(new MyShiroModule(), new
> ShiroAopModule());
> securityManager = injector.getInstance(SecurityManager.class);
> SecurityUtils.setSecurityManager(securityManager);
> }
>
> public void gogo() {
> Subject currentUser = SecurityUtils.getSubject();
> loginUser(currentUser);
>
> testValidWithoutAnnotation(currentUser);
> testInvalidWithoutAnnotation(currentUser);
> testValidRoleAnnotation();
> testInvalidRoleAnnotation();
>
> currentUser.logout();
> }
>
>
> private void loginUser(Subject currentUser) {
> if (!currentUser.isAuthenticated()) {
> UsernamePasswordToken token = new UsernamePasswordToken("kenzo",
> "atreides");
> token.setRememberMe(true);
> try {
> currentUser.login(token);
>
> //say who they are:
> //print their identifying principal (in this case, a username):
> System.out.println("User [" + currentUser.getPrincipal() + "]
> logged in successfully.");
> } catch (UnknownAccountException uae) {
> System.out.println("There is no user with username of " +
> token.getPrincipal());
> } catch (IncorrectCredentialsException ice) {
> System.out.println("Password for account " +
> token.getPrincipal() + " was incorrect!");
> } catch (LockedAccountException lae) {
> System.out.println("The account for username " +
> token.getPrincipal() + " is locked.  " +
> "Please contact your administrator to unlock it.");
> }
> // ... catch more exceptions here (maybe custom ones specific to
> your application?
> catch (AuthenticationException ae) {
> //unexpected condition?  error?
> }
> }
> }
>
>
> @RequiresRoles("dontHaveThisRoles")
> public void testInvalidRoleAnnotation() {
> System.out.println("Testing (with annotation) that the user has the
> role 'dontHaveThisRoles'. User doesn't have this, so it should cause an
> AuthenticationException.");
> }
>
> @RequiresRoles("duke")
> public void testValidRoleAnnotation() {
> System.out.println("Testing (with annotation) that the user has the
> role 'duke'. User has this role, so this should be printed.");
> }
>
> private void testValidWithoutAnnotation(Subject currentUser) {
> if (currentUser.hasRole("duke")) {
> System.out.println("Testing (without annotation)

Shiro Guice - Requires annotations are ignored/unprocessed

2018-04-13 Thread Ken Han

I'm experimenting with Shiro + Guice with the goal of using them to implement
an authorization service in a jsf web application. But I'm having trouble
with getting the @RequiresRoles and @RequiresPermissions to actually work.
It looks like they are being ignored.

My shiro module looks like this:


public class MyShiroModule extends ShiroModule {

private final String DUKE_ROLE = "duke";

private final DomainPermission DUKE_PERMISSION = new
DomainPermission("duking");

@Override
protected void configureShiro() {
MySimpleAccountRealm simpleAccountRealm = new
MySimpleAccountRealm("Feudal realm");

Set duke_permissions = new HashSet<>();
duke_permissions.add(DUKE_PERMISSION);

SimpleRole duke = new SimpleRole(DUKE_ROLE, duke_permissions);

simpleAccountRealm.addAccount("kenzo", "atreides", duke);

bindRealm().toInstance(simpleAccountRealm);
}
}



As you can see I've created my own Realm and added a user with a sing role
and permission. I've created an extension of the SimpleAccountRealm because
I wanted to add roles with permissions to an account.

MySimpleAccountRealm looks like this:


public class MySimpleAccountRealm extends SimpleAccountRealm {

public MySimpleAccountRealm(String name) {
super(name);
}

public void addAccount(String username, String password, SimpleRole...
roles) {
//Get all the role names from the roles array
Set roleNames =
Arrays.stream(roles).map(SimpleRole::getName).collect(Collectors.toSet());

//Get every permission from the roles
Set permissions = new HashSet<>();
Arrays.stream(roles).forEach(r ->
permissions.addAll(r.getPermissions()));

SimpleAccount account = new SimpleAccount(username, password, getName(),
roleNames, permissions);
add(account);
}
}



I have a simple Main class:


public class Main {
public static void main(String[] args) {
GuiceTest test = new GuiceTest();
test.gogo();
}
}



My test class looks like:


public class GuiceTest {
private Injector injector;
private SecurityManager securityManager;

public GuiceTest() {
injector = Guice.createInjector(new MyShiroModule(), new
ShiroAopModule());
securityManager = injector.getInstance(SecurityManager.class);
SecurityUtils.setSecurityManager(securityManager);
}

public void gogo() {
Subject currentUser = SecurityUtils.getSubject();
loginUser(currentUser);

testValidWithoutAnnotation(currentUser);
testInvalidWithoutAnnotation(currentUser);
testValidRoleAnnotation();
testInvalidRoleAnnotation();

currentUser.logout();
}


private void loginUser(Subject currentUser) {
if (!currentUser.isAuthenticated()) {
UsernamePasswordToken token = new UsernamePasswordToken("kenzo",
"atreides");
token.setRememberMe(true);
try {
currentUser.login(token);

//say who they are:
//print their identifying principal (in this case, a username):
System.out.println("User [" + currentUser.getPrincipal() + "]
logged in successfully.");
} catch (UnknownAccountException uae) {
System.out.println("There is no user with username of " +
token.getPrincipal());
} catch (IncorrectCredentialsException ice) {
System.out.println("Password for account " +
token.getPrincipal() + " was incorrect!");
} catch (LockedAccountException lae) {
System.out.println("The account for username " +
token.getPrincipal() + " is locked.  " +
"Please contact your administrator to unlock it.");
}
// ... catch more exceptions here (maybe custom ones specific to
your application?
catch (AuthenticationException ae) {
//unexpected condition?  error?
}
}
}


@RequiresRoles("dontHaveThisRoles")
public void testInvalidRoleAnnotation() {
System.out.println("Testing (with annotation) that the user has the
role 'dontHaveThisRoles'. User doesn't have this, so it should cause an
AuthenticationException.");
}

@RequiresRoles("duke")
public void testValidRoleAnnotation() {
System.out.println("Testing (with annotation) that the user has the
role 'duke'. User has this role, so this should be printed.");
}

private void testValidWithoutAnnotation(Subject currentUser) {
if (currentUser.hasRole("duke")) {
System.out.println("Testing (without annotation) that the user
has the role 'duke'. User has this role.");

} else {
System.out.println("Pleb");
}
}

private void testInvalidWithoutAnnotation(Subject currentUser) {
if (!currentUser.hasRole("nope")) {
System.out.println("Testing (without annotation) that the user
has the role 'nope'. User doesn't have this role.");
}
}

}





When running the application I get the following output:

User [kenzo] logged in successfully.
Testing (without annotation) that the user has the role 'duke'. User has
this role.

Re: Shiro Guice - Requires annotations are ignored/unprocessed

Shiro Guice - Requires annotations are ignored/unprocessed

2 matches

Site Navigation

Mail list logo

Footer information