Hi Peter, You don't need the JndiRealmFactory unless you need to look up your Realm implementation from JNDI. This really exists for EJB environments and shouldn't be necessary in most cases.
The easiest way to configure Shiro is to use the simplified INI configuration. For web apps, you can define the Shiro INI Filter in web.xml as described here: http://incubator.apache.org/shiro/web.html INI is broken up into sections. The [main] section is where you define all of your object graphs and Shiro-specific beans. That is covered in detail here: http://incubator.apache.org/shiro/configuration.html So, if you wanted to create a custom realm, you could start off with this: [main] myRealm = com.company.security.shiro.CustomRealmImplementation # config properties as necessary ... securityManager.realm = $myRealm As for supporting REST-base security policies, you can do that by defining the HttpMethodPermissionFilter: http://incubator.apache.org/shiro/static/current/apidocs/org/apache/shiro/web/filter/authz/HttpMethodPermissionFilter.html For example: [main] myRealm = ... ... securityManager.realm = $myRealm ... # Create the HttpMethodPermissionFilter and give it the name 'rest'. It will then be available for filter chain definitions in the [urls] section. rest = org.apache.shiro.web.filter.authz.HttpMethodPermissionFilter [urls] /app/** = authc, rest This filter chain definition means that the request has to both be authenticated (authc) as well as have the permission to make a REST call. See the HttpMethodPermissionFilter JavaDoc for more about REST-based permission checks. Also notice in the [urls] section, we referenced the 'authc' filter. The 'authc' filter and a number of other default filters are enabled automatically in the [main] section for web apps. You can configure them like any other bean (e.g. authc.loginUrl = /login etc). The default filters (and the name by which you can reference/configure them in INI) are defined here: http://incubator.apache.org/shiro/static/current/apidocs/org/apache/shiro/web/filter/mgt/DefaultFilter.html Anyway, I hope that helps clear up a lot of this. I'm going to add most of this stuff to the Shiro documentation today. Sorry about the confusion!!! Best, Les On Tue, Jun 1, 2010 at 1:23 AM, PDiefent <[email protected]> wrote: > > I'm a little bit stuck with the Shiro documentaion. > I really miss a little example to set up a realm coming from the web > container ... > > I think I have to start with the Shiro JndiRealmFactory ? > > I'm a bit clueless. > Peter > -- > View this message in context: > http://shiro-user.582556.n2.nabble.com/Basic-authentication-with-tomcat-tp5120604p5124977.html > Sent from the Shiro User mailing list archive at Nabble.com. >
