Hello James, SecurityManager is bound to thread by shiro filter on request start and unbound on request complete. Do you have something like https://gist.github.com/1505659 in your spring context?
Regards, Alexandr Vasilenko Web Developer 2011/12/21 Jamesb <[email protected]> > Hi, > > I am using the ShiroFilter within a Spring-based webapp. I was following > the guidance from this documentation: http://shiro.apache.org/spring.html > http://shiro.apache.org/spring.html > > I also want to use the jsp tag library <shiro:hasRole...> however, when I > run my application I get the following exception : > > org.apache.shiro.UnavailableSecurityManagerException: No SecurityManager > accessible to the calling code, either bound to the > org.apache.shiro.util.ThreadContext or as a vm static singleton. This is > an > invalid application configuration. > at > org.apache.shiro.SecurityUtils.getSecurityManager(SecurityUtils.java:123) > at org.apache.shiro.subject.Subject$Builder.<init>(Subject.java:627) > ... > > unless I include the following in my ApplicationContext.xml: > > <bean > class="org.springframework.beans.factory.config.MethodInvokingFactoryBean"> > <property name="staticMethod" > value="org.apache.shiro.SecurityUtils.setSecurityManager"/> > <property name="arguments" ref="securityManager"/> > </bean> > > I understand that in order for the static SecurityUtils.XXX calls to work > there must be a ThreadLocal SecurityManager, and not including the xml > snippet above means there isn't one, hence the exception. However, > following the comment given in the example in the link above, > < !-- make the securityManager bean a static singleton. DO NOT do this in > web -- > > < !-- applications - see the 'Web Applications' section below instead. -- > > > Is there an alternative way I should be making the SecurityManager > available > to the <shiro:... tag library? > > Or is this a documentation bug?....and one should set the security manager > in SecurityUtils, but one shouldn't access it in this way, it should be > injected using your container? > > Thanks, > > -James > > > -- > View this message in context: > http://shiro-user.582556.n2.nabble.com/Do-you-have-to-SecurityUtils-setSecurityManager-in-a-web-app-to-use-shiro-tag-library-tp7114798p7114798.html > Sent from the Shiro User mailing list archive at Nabble.com. >
