Hi Parin, Sometime back i have faced the similar. mailing list reference. [ https://mail.google.com/mail/u/0/#search/shiro/15c0c3337b41e34e]
Following worked for me when started a locator with shiro.ini, Have a look if it helps in your case. Note: This is with starting a locator from gfsh. You have to keep your config file under resources folder. 1. //created a jar named shiro-config.jar containing shiro.ini bin/resources $ jar -cf shiro-config.jar shiro.ini 2. gfsh>start locator --name=l1 --classpath=./bin/resources/shiro-config.jar:../lib/* --security-properties-file=/work/geode/locator.properties It seems, by default required CLASSPATH is not getting set and hence throwing the exception. Though This is not a clean way, but worked for me! @John, thanks a lot for putting a security related examples, really helpful. Regards, Nilkanth Patel. On Mon, Jun 5, 2017 at 4:07 PM, Parin dazz <[email protected]> wrote: > Thank you so much John for detailed updates & upcoming magic :) > > Regarding apache-shiro, I can see various ways for geode server using > @EnableSecurity(INI/Realm) annotation but how I can include the same in > locator. > > I tried below one, > > File: locator.properties > security-shiro-init=/home/parin/Downloads/apache-geode/shiro.properties > > But it says me, > Exception in thread "main" org.apache.shiro.config.ConfigurationException: > java.io.IOException: Resource [classpath:/home/parin/ > Downloads/apache-geode/shiro.properties] could not be found. > > Same as if I provide my custom SecurityManager implementation, how can I > refer that in locator properties? > > Thanks, > Parin > > On Sun, Jun 4, 2017 at 12:19 AM, John Blum <[email protected]> wrote: > >> Hi Parin- >> >> Thank you for the kind words; means a lot to me and I definitely >> appreciate it. >> >> So, good news! I do have an example (several, actually) of using the new >> Apache Geode Security Model (e.g. SecurityManager) with *Spring Data >> Geode*. In fact that was the central theme in the last release of SDG >> 1.0.0.INCUBATING-RELEASE. See my blog post here >> <https://spring.io/blog/2016/11/10/spring-data-geode-1-0-0-incubating-release-released> >> [1] >> (the "*Security*" piece starts a couple of sections down after "*What's >> New*"). >> >> The actual code I built >> <https://github.com/jxblum/contacts-application/blob/apache-geode/security-example/src/test/java/example/app/geode/security/GeodeSecurityIntegrationTests.java> >> [2] >> when writing the blog post is part of (what will eventually become) the >> *Reference >> Implementation* (RI) of *Spring Data GemFire/Geode*. Unfortunately, I >> have not had a lot of time to document this yet either in SDG Ref Guide or >> in READMEs associated with the RI repo. >> But, hopefully, the blog post helps and the code is self-explanatory; >> docs are coming, I promise. However, I have since then added automated >> tests >> <https://github.com/spring-projects/spring-data-geode/tree/master/src/test/java/org/springframework/data/gemfire/config/annotation> >> [3] >> for the Security bits based on this example, since it is important to have >> both the client as well as the server-side of the Security equation. In >> the example, I think I setup a secure server manually where as the tests >> actually configure and fork one. Anyway, if you questions, please do let >> me know. >> >> >> As for the new release.... >> >> Great question and one that seems to be of most interests to the >> community right now where *Spring* and Geode intersect. This was >> recently asked on *StackOverflow* >> <https://stackoverflow.com/questions/44204043/spring-support-for-apache-geode-spring-data-geode> >> [4] >> as well. My answer to the SO post was somewhat verbose, so let me recap >> here for everyones benefit... >> >> I am planning a *Spring Data Geode* *1.1.0.RELEASE* that builds on >> Apache Geode *1.1.1*. The 2 central themes in this are... >> >> 1. Early *Lucene* support. >> >> As you may know, Apache Geode now integrates with Apache Lucene to create >> Lucene Indexes for textual based searches on data in GemFire Regions. I added >> first class support in SDG >> <http://docs.spring.io/spring-data-gemfire/docs/2.0.0.M3/reference/html/#bootstrap:lucene> >> [5] >> above and beyond what even Apache Geode is capable of (e.g. >> projections/mapping based on *Spring Data Commons* infrastructure) for >> this new API/integration. This is *done*. >> >> 2. *Annotation config* model extensions. >> >> Some people are already familiar and even using with the new, *Spring >> Boot* style Annotation support I added in SDG. However, 1 of the >> initial limitations of the Annotation config was having the ability to >> "dynamically" configure aspects of Geode (e.g. port numbers >> <https://github.com/spring-projects/spring-data-geode/blob/master/src/main/java/org/springframework/data/gemfire/config/annotation/EnableCacheServer.java#L134> >> [6]) >> when the Annotations are used. My goal was to preserve the "type-safe" >> nature of the Annotation attributes while still allowing those attributes >> to be dynamically configured. >> >> Of course, I could have used Spring property placeholders and SpEL >> expressions, but that would have required me to give up type safety and >> make all the Annotation attributes Strings... blah, no! So, instead, I am >> introducing Configurers and well-known, document properties that users can >> set in an application.properties file that correspond to Annotation >> attributes where the precedence is... *Annotation attribute* -> >> *Property* -> *XYZConfigurer* (e.g. CacheServerConfigurer >> <https://github.com/spring-projects/spring-data-geode/blob/master/src/main/java/org/springframework/data/gemfire/config/annotation/CacheServerConfigurer.java> >> [7]). >> >> Since the Annotations create *Spring* beans for Geode components for >> you, with very little effort (i.e. using OOTB defaults when attributes are >> not customized), the Configurers give you a way to access the >> "configuration" (on the appropriate Spring FactoryBean) before the Geode >> component is created. To use a Configurer, you register it like any other >> Spring bean, which then gives you the ability to also use Spring property >> placeholder and SpEL expressions in those JavaConfig bean definitions, >> therefore kill 2 birds with 1 stone (sorry, that sounds cruel; figure of >> speech). Here is an example >> <https://github.com/spring-projects/spring-data-geode/blob/master/src/test/java/org/springframework/data/gemfire/config/annotation/CacheServerConfigurerIntegrationTests.java#L87-L114> >> [8]. >> >> So, the Configurers are *done*, the Well-Known/Documented Properties are >> a *WIP*, as well as the Ref Guide documentation, phew. >> >> This dynamic configuration support using Annotations was requested and >> needed by several members of the Geode community that use *Spring*, like >> *Roger >> Vandusen* from *Mastercard*. I have not forgotten about you my friend. >> >> I *sincerely apologize to the community* that this new feature support >> and the next release of SDG for Apache Geode 1.1.1 has taken so long. >> >> Anyway, once I get the last bit done, I will push 1 *final* *Spring Data >> Geode* *1.1.0.RELEASE* based on Apache Geode 1.1.1. >> >> I say "*final*" because *Spring Data Geode* is becoming a new, >> *top-level* *Spring Data* module in the *Spring Data* portfolio >> <http://projects.spring.io/spring-data/> [9] (like *Spring Data GemFire*, >> but separate now, yay). I am super excited about this and I hope the >> community will be too. It already has a new GitHub Repo home, here >> <https://github.com/spring-projects/spring-data-geode> [10]. >> >> So, *Spring Data Geode* will be part of the *Spring Data Release Train >> <https://github.com/spring-projects/spring-data-commons/wiki>* [11] >> (from *Kay* onward; see right-side nav bar on Wiki page), which means SD >> Geode will have predictable and regular releases, and will be based on >> Apache Geode *1.2.0*. However, it also means that Apache Geode 1.2.0 >> needs to be released before SD Geode can be added to the train. And, it >> also means several other important things... >> >> 1. I will *not* be doing individual releases of SD Geode going forward >> after SD Geode is added to the train. >> >> 2. SD Geode will be at version 2.0.0 (based on Apache Geode 1.2.0); so >> the version numbers between Apache Geode and SD Geode will not longer align >> (which is actually the same as *Spring Data GemFire* for Pivotal >> GemFire, too), partly because... >> >> 3. SDG also builds on *Spring* *5*, with the major themes being *Java 8*, >> *Reactive* and *Functional programming* support, so we are bumping the >> major version for all SD modules. >> >> Anyway, I hope this helps and clears up the muddy waters on what has been >> happening on *Spring Data Geode*. I am also involved in several other >> things, like... >> >> 1. Moving the *Spring Boot* auto-configuration support for Apache >> Geode/Pivotal GemFire I built into *Spring Boot* to a new home >> <https://github.com/spring-projects/spring-boot-data-gemfire> [12], a >> major WIP. >> >> 2. Moving the *Spring Session Data Geode/GemFire* support to its new home >> <https://github.com/spring-projects/spring-session-data-geode> [13], as >> of *Spring Session* 2.0, also a major WIP. >> >> 3. And, building *Spring* support in PCF for Pivotal GemFire/Apache >> Geode. >> >> Let me know if you have other questions. >> >> Cheers my friend, >> John >> >> >> [1] https://spring.io/blog/2016/11/10/spring-data-geode-1-0- >> 0-incubating-release-released >> [2] https://github.com/jxblum/contacts-application/blob/apac >> he-geode/security-example/src/test/java/example/app/geode/ >> security/GeodeSecurityIntegrationTests.java >> [3] https://github.com/spring-projects/spring-data-geode/tre >> e/master/src/test/java/org/springframework/data/gemfire/config/annotation >> [4] https://stackoverflow.com/questions/44204043/spring-supp >> ort-for-apache-geode-spring-data-geode >> [5] http://docs.spring.io/spring-data-gemfire/docs/2.0.0.M3/ >> reference/html/#bootstrap:lucene >> [6] https://github.com/spring-projects/spring-data-geode/blo >> b/master/src/main/java/org/springframework/data/gemfire/conf >> ig/annotation/EnableCacheServer.java#L134 >> [7] https://github.com/spring-projects/spring-data-geode/blo >> b/master/src/main/java/org/springframework/data/gemfire/conf >> ig/annotation/CacheServerConfigurer.java >> [8] https://github.com/spring-projects/spring-data-geode/blo >> b/master/src/test/java/org/springframework/data/gemfire/conf >> ig/annotation/CacheServerConfigurerIntegrationTests.java#L87-L114 >> [9] http://projects.spring.io/spring-data/ >> [10] https://github.com/spring-projects/spring-data-geode >> [11] https://github.com/spring-projects/spring-data-commons/wiki >> [12] https://github.com/spring-projects/spring-boot-data-gemfire >> [13] https://github.com/spring-projects/spring-session-data-geode >> >> >> On Sat, Jun 3, 2017 at 12:12 AM, Parin dazz <[email protected]> >> wrote: >> >>> Hi, >>> >>> Do we have any example on how to use/implement security manager with >>> spring-data-geode? >>> >>> More, haven't heard anything for new release of spring-data-geode :) >>> Very much excited for the new features and hard work john is doing. Any >>> news on release date? >>> >>> >>> Regards, >>> Parin >>> >> >> >> >> -- >> -John >> john.blum10101 (skype) >> > >
