Re: Tynamo Security w/ custom Realm

2016-11-09 Thread Adam X
Hello All - just want to say everything in Shiro was configured ok. The bug was in the implementation of my mock dao. All works nicely On Wed, Nov 9, 2016 at 2:49 PM, Adam X wrote: > So I set org.apache.shiro to DEBUG level and discovered that Shiro is > actually correctly

Re: Tynamo Security w/ custom Realm

2016-11-09 Thread Adam X
So I set org.apache.shiro to DEBUG level and discovered that Shiro is actually correctly authenticating but for some reason displays "Unauthorized" page: [DEBUG] com.foo.bar.core.engine.components.dao.UserManagementMockDao (getUser:444) - userId: donkey [DEBUG]

Re: Tynamo Security w/ custom Realm

2016-11-08 Thread Adam X
Hi Kyle, Thanks for taking a look. Indeed, I made the assumption that SimpleCredentialsMatcher is used by default, but as part of my troubleshooting I explicitly set it. doGetAuthenticationInfo is invoked for sure, because my logs show it (I also stepped thru with the debugger): [WARN]

Re: Tynamo Security w/ custom Realm

2016-11-08 Thread Kalle Korhonen
Looks fine at a quick glance. As I recall, an AuthenticatingRealm uses SimpleCredentialsMatcher by so it should match plain text passwords. Are you sure it's not authenticating, or is doGetAuthenticationInfo invoked at all? Do you have any other realms configured? Get the simple, single realm use

Tynamo Security w/ custom Realm

2016-11-08 Thread Adam X
Howdy ! I followed tynamo setup guide (http://www.tynamo.org/tapestry-security+guide/) combined with federated accounts example (https://github.com/tynamo/tynamo-federatedaccounts). I believe I have the setup hooked up correctly as my annotated page with @RequiresRoles("administrator") is not