Hi,
I am new to Apache Shiro and hope you can answer some of the question that's
been puzzling me.
1. I'm trying to use Shiro as a means to authenticate users for my web
application. The business tier will be done using EJB 3 (stateless session
beans and entity bean), fronted by a Jersey REST service. The client will
be a web application, with passing in username/password using a basic html
form.
2. In the web.xml, the config param-value for the ShiroFilter, I have:
[main]
realmFactory.class = org.apache.shiro.realm.jndi.JndiRealmFactory
realmFactory.jndiNames = jdbc/myproject/DataSource
[filters]
authc = FormAuthenticationFilter
authc.loginUrl = /login.html
Is this correct?
3. So would I be placing the method, authenticateUser, inside my session
bean class? If it is, then calling
SecurityUtils.getSubject() will use the JNDI datasource setup in the
web.xml to get the user? I read that the default query string is "select
password from users where username = ?". What if my database has users
table slightly different than the default value? How would I go about
overriding the default query string?
I'm excited to use Apache Shiro for my need. Any help or guidance you can
provide would help me greatly. Sorry about these newbie questions.
Thanks,
Lucian
--
View this message in context:
http://n2.nabble.com/EJB-3-and-overriding-default-query-tp3149431p3149431.html
Sent from the Shiro Developer mailing list archive at Nabble.com.
