It looks to me like, in your code, you should be adding IniShiroFilter
instead of BasicHttpAuthenticationFilter. And then, in the [urls]
section of shiro.ini, you'll need something like:
/** = authcBasic
-Jared
On Wed 02 May 2012 10:04:39 AM CDT, MattShaw wrote:
> Hi Lee,
>
> Ok thanks,
>
> I'm inexperienced in this area and so I'm not sure how to integrate the
> Shiro implementation with our new Embedded Jetty Server. I assumed there
> would be a mechanism.
>
> I'm currently using Shiro 1.1 and Jetty 8.1
>
> The Jetty Code looks like this:
>
> m_rssServer = new Server(m_portNumber);
> ServletContextHandler context = new
> ServletContextHandler(ServletContextHandler.SESSIONS);
> context.setContextPath("/");
> FilterHolder filterHolder = new FilterHolder();
> filterHolder.setFilter(new BasicHttpAuthenticationFilter());
> EnumSet<DispatcherType> types = EnumSet.allOf(DispatcherType.class);
> context.addFilter(filterHolder, "/*", types);
> context.addServlet(new ServletHolder(new FeedHandler()),"/*");
> m_rssServer.setHandler(context);
> m_rssServer.start();
>
> Where Server is the Jetty embedded Jetty server.
>
> When I now run this modified code the Browser doesn't challenge me for a
> username/password, it just shows the content as if the Filter wasn't there?
>
> I don't have a web.xml or any other config file apart from the shiro.ini
> which has the following content:
>
> # =======================
> # Shiro INI configuration
> # =======================
>
> [main]
> # Objects and their properties are defined here,
> # Such as the securityManager, Realms and anything
> # else needed to build the SecurityManager
> activeDirectoryRealm =
> org.apache.shiro.realm.activedirectory.ActiveDirectoryRealm
> activeDirectoryRealm.url = ldap://<hidden from forum>
>
> iniRealm = org.apache.shiro.realm.text.IniRealm
> iniRealm.resourcePath = vkb.ini
>
> authcStrategy = org.apache.shiro.authc.pam.FirstSuccessfulStrategy
>
> securityManager.authenticator.authenticationStrategy = $authcStrategy
>
> securityManager.sessionManager.globalSessionTimeout = 1800000
>
> [users]
> # The 'users' section is for simple deployments
> # when you only need a small number of statically-defined
> # set of User accounts.
> testUser=password
> testUser1=password1
> testUser2=password2
> testUser3=password3
> guest=guest
>
> [roles]
> # The 'roles' section is for simple deployments
> # when you only need a small number of statically-defined
> # roles.
>
> [urls]
> # The 'urls' section is used for url-based security
> # in web applications. We'll discuss this section in the
> # Web documentation
>
> Please could you offer any advise as I am obviosuly missing something?
>
> Best regards
>
> Matt
>
> --
> View this message in context:
> http://shiro-user.582556.n2.nabble.com/Integration-of-Shiro-with-Embedded-Jetty-tp7519712p7520498.html
> Sent from the Shiro User mailing list archive at Nabble.com.
