Hi Matt,
Yes, Jared's right, you'll probably want the main ShiroFilter
configured within Jetty. This is a 'master filter' of sorts that will
internally delegate to other filter chains define in shiro.ini (this
is much easier to do in shiro.ini than in Jetty-specific code IMO).
So, your code might look like this:
m_rssServer = new Server(m_portNumber);
ServletContextHandler context = new
ServletContextHandler(ServletContextHandler.SESSIONS);
context.setContextPath("/");
//set up Shiro 1.2+ environment:
EnvironmentLoaderListener listener = new EnvironmentLoaderListener();
context.callContextInitialized(listener, new ServletContextEvent());
//Add root ShiroFilter:
FilterHolder filterHolder = new FilterHolder();
filterHolder.setFilter(new ShiroFilter());
// all remaining filters and filter chains are defined in shiro.ini's
[urls] section.
EnumSet<DispatcherType> types = EnumSet.allOf(DispatcherType.class);
context.addFilter(filterHolder, "/*", types);
context.addServlet(new ServletHolder(new FeedHandler()),"/*");
m_rssServer.setHandler(context);
m_rssServer.start();
Now, I didn't test this, so you might have to tweak it a bit depending
on how Jetty's ServletContextHolder concept functions, but the idea is
what is important:
1) set up the EnvironmentLoaderListener to initialize Shiro (defaults
to shiro.ini in /WEB-INF/shiro.ini or at the root of the classpath).
2) create and init a ShiroFilter, which will look up and use the Shiro
WebEnvironment created in 1).
Shiro will then filter all requests. You can set up any remaining
servlet filters (including the BasicHttpAuthenticationFilter) in
shiro.ini's [urls] section, just like Jared showed (/** = authcBasic).
HTH,
--
Les Hazlewood
CTO, Stormpath | http://stormpath.com | 888.391.5282
twitter: @lhazlewood | http://twitter.com/lhazlewood
blog: http://leshazlewood.com
stormpath blog: http://www.stormpath.com/blog
On Wed, May 2, 2012 at 8:38 AM, Jared Bunting
<[email protected]> wrote:
> It looks to me like, in your code, you should be adding IniShiroFilter
> instead of BasicHttpAuthenticationFilter. And then, in the [urls]
> section of shiro.ini, you'll need something like:
>
> /** = authcBasic
>
> -Jared
>
> On Wed 02 May 2012 10:04:39 AM CDT, MattShaw wrote:
>> Hi Lee,
>>
>> Ok thanks,
>>
>> I'm inexperienced in this area and so I'm not sure how to integrate the
>> Shiro implementation with our new Embedded Jetty Server. I assumed there
>> would be a mechanism.
>>
>> I'm currently using Shiro 1.1 and Jetty 8.1
>>
>> The Jetty Code looks like this:
>>
>> m_rssServer = new Server(m_portNumber);
>> ServletContextHandler context = new
>> ServletContextHandler(ServletContextHandler.SESSIONS);
>> context.setContextPath("/");
>> FilterHolder filterHolder = new FilterHolder();
>> filterHolder.setFilter(new BasicHttpAuthenticationFilter());
>> EnumSet<DispatcherType> types = EnumSet.allOf(DispatcherType.class);
>> context.addFilter(filterHolder, "/*", types);
>> context.addServlet(new ServletHolder(new FeedHandler()),"/*");
>> m_rssServer.setHandler(context);
>> m_rssServer.start();
>>
>> Where Server is the Jetty embedded Jetty server.
>>
>> When I now run this modified code the Browser doesn't challenge me for a
>> username/password, it just shows the content as if the Filter wasn't there?
>>
>> I don't have a web.xml or any other config file apart from the shiro.ini
>> which has the following content:
>>
>> # =======================
>> # Shiro INI configuration
>> # =======================
>>
>> [main]
>> # Objects and their properties are defined here,
>> # Such as the securityManager, Realms and anything
>> # else needed to build the SecurityManager
>> activeDirectoryRealm =
>> org.apache.shiro.realm.activedirectory.ActiveDirectoryRealm
>> activeDirectoryRealm.url = ldap://<hidden from forum>
>>
>> iniRealm = org.apache.shiro.realm.text.IniRealm
>> iniRealm.resourcePath = vkb.ini
>>
>> authcStrategy = org.apache.shiro.authc.pam.FirstSuccessfulStrategy
>>
>> securityManager.authenticator.authenticationStrategy = $authcStrategy
>>
>> securityManager.sessionManager.globalSessionTimeout = 1800000
>>
>> [users]
>> # The 'users' section is for simple deployments
>> # when you only need a small number of statically-defined
>> # set of User accounts.
>> testUser=password
>> testUser1=password1
>> testUser2=password2
>> testUser3=password3
>> guest=guest
>>
>> [roles]
>> # The 'roles' section is for simple deployments
>> # when you only need a small number of statically-defined
>> # roles.
>>
>> [urls]
>> # The 'urls' section is used for url-based security
>> # in web applications. We'll discuss this section in the
>> # Web documentation
>>
>> Please could you offer any advise as I am obviosuly missing something?
>>
>> Best regards
>>
>> Matt
>>
>> --
>> View this message in context:
>> http://shiro-user.582556.n2.nabble.com/Integration-of-Shiro-with-Embedded-Jetty-tp7519712p7520498.html
>> Sent from the Shiro User mailing list archive at Nabble.com.
>
>
