Hi Mike,
Thanks for reporting that the newer <listener> configuration works -
that might help anyone who could have this issue in the future.
As to your shiro.ini - it looks good to me. On a side note, if you
can use it, I think you'll find the new
PasswordService/PasswordMatcher mechanisms introduced in 1.2 even
nicer than the older HashedCredentialsMatcher:
[main]
…
passwordMatcher = org.apache.shiro.authc.credential.PasswordMatcher
passwordService = org.apache.shiro.authc.credential.DefaultPasswordService
#config the passwordService w/ hashing strategies as necessary
passwordMatcher.passwordService = $passwordService
…
myRealm.credentialsMatcher = $passwordMatcher
#end ini
You can obtain the PasswordService to hash passwords and save them to
an account at runtime in an ini-configured web app by doing the
following (e.g. during account creation or password reset):
NamedObjectEnvironment env =
(NamedObjectEnvironment)WebUtils.getWebEnvironment(servletContext);
PasswordService svc = env.getObject("passwordService", PasswordService.class);
String encryptedPassword = svc.encryptPassword(userRawPlaintextPassword);
user.setPassword(encryptedPassword);
user.save();
In your Realm.getAuthenticationInfo() method (or
doGetAuthenticationInfo()), return an AuthenticationInfo instance
where getCredentials() returns the value of user.getPassword();
This will be mentioned again in a yet-to-be-released article on the
new features in Shiro 1.2. Hopefully that will be out on InfoQ in a
week or so.
HTH,
--
Les Hazlewood
CTO, Katasoft | http://www.katasoft.com | 888.391.5282
twitter: @lhazlewood | http://twitter.com/lhazlewood
katasoft blog: http://www.katasoft.com/blogs/lhazlewood
personal blog: http://leshazlewood.com
On Wed, Feb 1, 2012 at 10:04 AM, socket70 <[email protected]> wrote:
> Thanks Les.
>
> In short, I've got it working now.
>
> I had recently upgraded to Shiro 1.2 but I hadn't changed my web.xml file to
> use the new initialization procedure. So I still had this in my web.xml:
>
> <filter>
> <filter-name>ShiroFilter</filter-name>
> <filter-class>org.apache.shiro.web.servlet.IniShiroFilter</filter-class>
> </filter>
> <filter-mapping>
> <filter-name>ShiroFilter</filter-name>
> <url-pattern>/*</url-pattern>
> </filter-mapping>
>
> I've now changed it to be this:
>
> <listener>
>
> <listener-class>org.apache.shiro.web.env.EnvironmentLoaderListener</listener-class>
> </listener>
> <filter>
> <filter-name>ShiroFilter</filter-name>
> <filter-class>org.apache.shiro.web.servlet.ShiroFilter</filter-class>
> </filter>
> <filter-mapping>
> <filter-name>ShiroFilter</filter-name>
> <url-pattern>/*</url-pattern>
> </filter-mapping>
>
> And now Shiro shuts down cleanly.
>
> Notice I did not have to set the EhCache system property as you suggested in
> your reply.
>
> So my shiro.ini looks like this (simplified for this post):
>
> [main]
>
> authc = com.myapp.auth.shiro.ShiroFormAuthenticationFilter
> authcRealm = com.myapp.auth.shiro.ShiroAuthorizingRealm
> matcher = org.apache.shiro.authc.credential.HashedCredentialsMatcher
> matcher.hashAlgorithmName = SHA-256
> matcher.hashIterations = 1
> authcRealm.credentialsMatcher = $matcher
> cacheManager = org.apache.shiro.cache.ehcache.EhCacheManager
> securityManager.realms = $authcRealm
> securityManager.cacheManager = $cacheManager
>
> And again, I'm not doing any special configuration for EhCache, so it's just
> using the ehcache.xml file that's included with Shiro.
>
> Does all of that (specifically the shiro.ini file) look correct?
>
> Thanks,
>
> -Mike
>
> --
> View this message in context:
> http://shiro-user.582556.n2.nabble.com/Unclean-shutdown-of-Tomcat-related-to-EhCacheManager-tp6267587p7243842.html
> Sent from the Shiro User mailing list archive at Nabble.com.
