I am doing this so far programmatically. Server is my embedded Jetty. How
can I set this DefaultWebSecurityManager to be used on my jetty instance
keeping in mind
SecurityUtils.getSecurityManager() returns an already configured non web
shiro security manager/realms that was set up previously in the
application.
how can I set my default web security manager on my server?
Ini ini = new Ini();
ini.addSection("main");
ini.getSection("main").put("authcRealm", "mySecurity.WebRealm");
ini.getSection("main").put("authc2",
"org.apache.shiro.web.filter.authc.FormAuthenticationFilter");
ini.getSection("main").put("lookedUpRealm",
"mySecurity.WebRealm");
ini.getSection("main").put("authc.loginUrl", "/login.jsp");
ini.getSection("main").put("authc2.loginUrl", "/login.jsp");
ini.getSection("main").put("securityManager.realms",
"$lookedUpRealm");
ini.addSection("urls");
ini.getSection("urls").put("/secure/**", "authc");
ini.getSection("urls").put("/login.jsp", "authc");
ini.getSection("urls").put("/", "authc2");
Factory<org.apache.shiro.mgt.SecurityManager> factory = new
IniSecurityManagerFactory(ini);
org.apache.shiro.mgt.SecurityManager sm = new
DefaultWebSecurityManager();
server.setHandler(myContext);
server.start();
