Hi, after some experimental testing and evaluation I decided to use Apache Shiro in one of my projects. So I tried to customize Shiros authentication/authorization behaviour by subclassing the org.apache.shiro.realm.AuthorizingRealm abstract class and putted it in my ini-config.
Now my INI looks like: "[main] rest = org.apache.shiro.web.filter.authz.HttpMethodPermissionFilter secureRealm = de.hshsoft.custobee.security.SecureRealm [urls] /acp/plugin = authcBasic, rest /contacts = authcBasic, rest /logout = authcBasic, rest /acp/user = authcBasic, rest /acp/user/new = authcBasic, rest /** = anon" I've putted some logging messages into my Realm-class so I can see what's going on. And here's the problem: - after reading the ini, the realm class is instantiated [OK] - trying to access one of the "protected" resources shows me the wished login-prompt [OK] - sending the filled login-prompt never ever executes the doGetAuthenticationInfo() or doGetAuthorizationInfo() methods of my realm [FAILURE] I've no idea what's wrong with my code or my approach... :-( Please give me a tip to the right direction to get this code running. Mit freundlichen Grüßen, Greets, Christian Scharr Dipl. Wirtschaftsinformatiker (BA) MESO-Entwicklung ---------- HSH Soft- und Hardware Vertriebs GmbH Rudolf-Diesel-Straße 2 16356 Ahrensfelde Tel. (Zentrale): +49 (0)30/94 004 0 Tel. (Hotline): +49 (0)30/94 004 444 Fax: +49 (0)30/94 004 400 eMail: [email protected] --- Amtsgericht Frankfurt (Oder): HRB 7352 FF Geschäftsführer: Stephan Hauber
