Mario, I've had some experience with Camel, and some with Shiro, and some AD, just not together.
You refer to a policy - what is the definition for your policy? Is the failure 1) it won't run, 2) it incorrectly authorizes, or 3) it incorrectly denies? I will certainly be using Camel, Shiro and AD together at some point, so I am interested in your results. Regards, Jonathan On Wed, May 16, 2012 at 6:35 PM, mgiammarco <[email protected]> wrote: > Hello, > I am using shiro with camel. I can authenticate an user with activedirectory > (ldap) but I am not able to map user groups in roles to user permissions. > And camel needs absolutely permissions to work. > > Here is my config.ini: > > [main] > authcStrategy = org.apache.shiro.authc.pam.FirstSuccessfulStrategy > securityManager.authenticator.authenticationStrategy = $authcStrategy > > > activeDirectoryRealm = > org.apache.shiro.realm.activedirectory.ActiveDirectoryRealm > activeDirectoryRealm.systemUsername=cn=padl,cn=Users,dc=comune,dc=prato,dc=local > activeDirectoryRealm.systemPassword=xxxxxxxxxxxxxxxxxxxxxxx > activeDirectoryRealm.url = ldap://172.16.1.98:389 > activeDirectoryRealm.groupRolesMap = > "CN=menu_ufficiomobile_ania,OU=Menu,OU=Gruppi,OU=ComuneDiPrato,DC=comune,DC=prato,DC=local":"menu_ufficiomobile_ania" > > securityManager.realms = $activeDirectoryRealm > [users] > > test = test,menu_ufficiomobile_passicarrabili, menu_ufficiomobile_rubati, > menu_ufficiomobile_ordinanze, menu_ufficiomobile_ztl, > menu_ufficiomobile_cciaa, menu_ufficiomobile_ania, > menu_ufficiomobile_anagrafe, menu_ufficiomobile_mctc, menu_ufficiomobile_pra > > > [roles] > > menu_ufficiomobile_anagrafe = prato:anagrafe > menu_ufficiomobile_mctc = prato:mctc > menu_ufficiomobile_pra = prato:pra > menu_ufficiomobile_ania = prato:ania > menu_ufficiomobile_cciaa = prato:cacomm > menu_ufficiomobile_ztl = prato:ztl > menu_ufficiomobile_ordinanze = prato:ordinanze > menu_ufficiomobile_rubati = prato:rubati > menu_ufficiomobile_passicarrabili = prato:permessi > > > > > My security injection code: > > ShiroSecurityToken shiroSecurityToken = > new ShiroSecurityToken(qr.getUserName(), qr.getPassword()); > ShiroSecurityTokenInjector shiroSecurityTokenInjector = > new ShiroSecurityTokenInjector(shiroSecurityToken, passPhrase); > arg0.getIn().setHeader("SHIRO_SECURITY_TOKEN", > shiroSecurityTokenInjector.encrypt()); > > > And the routing code that uses permissions: > > from("seda:interrogaANIA").threads(1) > .setHeader("db", constant(Database.ANIA)).policy(aniaS) > .to("bean:interrogaANIA?method=interrogaBancaDati") > .to("seda:prefilter"); > > -- > View this message in context: > http://shiro-user.582556.n2.nabble.com/Active-directory-map-roles-and-permissions-to-use-with-camel-shiro-tp7562083p7562852.html > Sent from the Shiro User mailing list archive at Nabble.com. -- Jonathan Barker ITStrategic
