We use Shiro in an OSGI environment just fine, but we did have to upgrade to version 1.2.1 since there were some OSGI related fixes in that release. The important thing to remember with OSGI is each bundle is in it's own class loader so if you are just referencing Shiro from multiple bundles you will get unique instances. What we do is we have a single bundle that initialized shiro and then exports the SecurityManager as an OSGI service which our other bundles import and use. That way everything is using the same SecurityManager instance.
Chris On Tue, Jul 23, 2013 at 10:15 AM, andyatmiami <[email protected]> wrote: > Greetings to all and thanks in advance. > > First off, I am a first-time poster - but I have searched extensively > through the mailing list trying to resolve my question. Now, it may be > because I am new to the Shiro world, but I need further help. > > We are running an EBA bundle in the Websphere Liberty container using > Apache > Shiro 1.1.0. I am new to the project and have to deal with stuff "as-is" - > so its not trivial to update to a newer version of Shiro. > > We currently have 2 web bundles - which I will refer to as "login bundle" > and "rest bundle". > > Each bundle has a distinct WebApp-ContextPath and a distinct shiro.ini > file. > > login shiro.ini: > > > rest shiro.ini: > > > I guess my overall question is: Is this the right way to set this > application up? > > As to a specific issue I am noticing, it seems that a session gets created > when the user logs in - but then through their interaction with our REST > calls - the LastAccessTime never gets updated. So, you can be consistently > "using" the application, and you will time out 30 minutes after you log in. > > Again, I am new to the OSGi and Shiro - so I apologize if this question is > naive. I can understand why in bundles we would need to define multiple > shiro.ini files (in fact, I tried removing the rest shiro.ini file - and > once I logged in all subsequent calls failed) but it seems something > strange > is going on with the session management. > > Any explanation or advice you could give me in how to properly implement > this in my application would be greatly appreciated. > > > > > -- > View this message in context: > http://shiro-user.582556.n2.nabble.com/Apache-Shiro-in-an-OSGi-Environment-tp7578939.html > Sent from the Shiro User mailing list archive at Nabble.com. >
