Hey there - I'm trying to add custom authentication and authorization to my
web application (user information will be available by a webservice).

I'm more or less using an all-programmatically configured Jetty
(Dropwizard) as my application container.

My minimal setup so far is as so (please just assume "environment" is the,
wait for it, environment for my servlets etc.):

    private void setupSecurity(Environment environment) {

        // shiro environment
        final EnvironmentLoaderListener shiroEnvironmentLoaderListener =
                new EnvironmentLoaderListener();
        environment.servlets().addServletListeners(shiroEnvironmentLoaderListener);

        // session management
        final SessionHandler sessionHandler = new SessionHandler();
        environment.servlets().setSessionHandler(sessionHandler);

        // security filter
        final Filter shiroFilter = new ShiroFilter();
        setupServletFilter(environment, shiroFilter, "shiro-filter");

    }

So cool - through the magic of classpathery, it finds my shiro.ini, and all
is good - I can protect URLs, JAX-RS resources, etc..
Now I want to migrate user data (credentials, roles, etc) to a custom
realm, as I want to essentially create a security DAO to talk to another
webservice.

I know I can add class names and what not to the INI files; but I need to
construct the realm programmatically (lots of dependencies need to be
injected via constructor to this realm).. in other words, I want to control
all object instantiation myself.

How can I achieve this in the most straight forward manner?

I tried to get a reference to the SecurityManager directly in the above
method, as the last thing, but I got this error:
"No SecurityManager accessible to the calling code, either bound to the
org.apache.shiro.util.ThreadContext or as a vm static singleton.  This is
an invalid application configuration."

I'm not sure why the configuration is deemed invalid, because all the auth
seems to be working totally fine.

I started going down the path of writing my own "shiroEnvironmentClass",
but I got lost in all the various layers, making me think that I just
missed the most straightforward way to do this.

Thanks for any insight you can provide!

Shan

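One way to wire a constructor-injected realm without shiro.ini, as an added example that is not part of the original post: subclass EnvironmentLoaderListener and build the WebEnvironment in code, so that ShiroFilter picks up a SecurityManager assembled by the application. It assumes Shiro 1.x on the javax.servlet API; UserDirectory, RemoteUserRealm, ProgrammaticShiroListener and the URL patterns are hypothetical names chosen for illustration.

```java
// Added example. UserDirectory, RemoteUserRealm, ProgrammaticShiroListener and the URL patterns are hypothetical.
import java.util.Set;
import javax.servlet.ServletContext;
import org.apache.shiro.authc.*;
import org.apache.shiro.authc.credential.CredentialsMatcher;
import org.apache.shiro.authz.*;
import org.apache.shiro.realm.*;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.web.env.*;
import org.apache.shiro.web.filter.mgt.PathMatchingFilterChainResolver;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;

interface UserDirectory {                      // DAO in front of the remote user webservice
    String passwordHashFor(String username);   // null when the user is unknown
    Set<String> rolesFor(String username);
}

class RemoteUserRealm extends AuthorizingRealm {
    private final UserDirectory directory;

    RemoteUserRealm(UserDirectory directory, CredentialsMatcher matcher) {
        this.directory = directory;
        setCredentialsMatcher(matcher);        // e.g. PasswordMatcher, so stored hashes are verified
    }

    @Override protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) {
        String username = (String) token.getPrincipal();
        String hash = directory.passwordHashFor(username);
        if (hash == null) throw new UnknownAccountException();
        return new SimpleAuthenticationInfo(username, hash, getName());
    }

    @Override protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
        String username = (String) getAvailablePrincipal(principals);
        return new SimpleAuthorizationInfo(directory.rolesFor(username));
    }
}

class ProgrammaticShiroListener extends EnvironmentLoaderListener {
    private final Realm realm;
    ProgrammaticShiroListener(Realm realm) { this.realm = realm; }

    // Called once when the servlet context starts; replaces the INI-driven environment.
    @Override protected WebEnvironment createEnvironment(ServletContext sc) {
        DefaultWebEnvironment env = new DefaultWebEnvironment();
        env.setServletContext(sc);
        env.setWebSecurityManager(new DefaultWebSecurityManager(realm));
        PathMatchingFilterChainResolver chains = new PathMatchingFilterChainResolver();
        chains.getFilterChainManager().createChain("/login", "anon");
        chains.getFilterChainManager().createChain("/**", "authcBasic");
        env.setFilterChainResolver(chains);
        return env;
    }
}
```

An instance of ProgrammaticShiroListener would be passed to addServletListeners in place of the stock EnvironmentLoaderListener. The environment only exists once the servlet context has started, and ShiroFilter binds the SecurityManager to the thread per request, so a SecurityUtils.getSecurityManager() call made during setup has nothing to return.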