Hi, I am trying to use Shiro with an Eclipse RAP web application in a tomcat6 container.
I configured a ShiroFilter in the web.xml and Shiro does indeed ask for the login and verifies it correctly. However in the application code I get a UnavailableSecurityManagerException: org.apache.shiro.UnavailableSecurityManagerException: No SecurityManager accessible to the calling code, either bound to the org.apache.shiro.util.ThreadContext or as a vm static singleton. This is an invalid application configuration. This is probably due to the equinox servletbridge. I then added code to initialise the SecurityManager in my app manually and register my realm with it. After that I can get a subject, but it is not authorised: I do get a principal from the HttpServletRequest (and that shows that Shiro initially did authorise me): HttpServletRequest request = RWT.getRequest(); request.getRemoteUser() => lothar request.getUserPrincipal() => lothar request.getUserPrincipal().getClass().getName() => org.apache.shiro.web.servlet.ShiroHttpServletRequest$ObjectPrincipal But if I try to access the Shiro subject I get: Subject subject = SecurityUtils.getSubject(); subject.isAuthenticated() => false subject.getPrincipal() => null Any help is highly appreciated. Thanks! Lothar
