You only need to be in the context of a request if you are dealing with a user's request.
You _could_ just get the SecurityManager from 'WebUtils. getRequiredWebEnvironment()' (assuming Shiro has already been initialized). You could also just move all of this configuration into your shiro.ini file. On Tue, Nov 1, 2016 at 6:56 PM, Harinath Mallepally <[email protected]> wrote: > Hi Brian, > > I wanted to add my custom AuthenticationListener to shiro so that I can > required logging. As I understand I can get the SecurityManager reference > only during user context (RPC in ODL), I am doing this during a RPC > invocation. > > org.apache.shiro.mgt.SecurityManager secManager = SecurityUtils. > getSecurityManager(); > AuthenticatingSecurityManager absSecMgr = ( > AuthenticatingSecurityManager)secManager; > AbstractAuthenticator absAuthenticator = (AbstractAuthenticator) > absSecMgr.getAuthenticator(); > absAuthenticator.getAuthenticationListeners().add(new > XceedAuthenticationListener()); > > > It doesn't sound right to me as multiple calls will result in duplicate > listeners. is there any easier option. > > Since ODL AAA is initializing shiro, other option I have is to bundle my > code along with AAA but I want to avoid that. > > Thanks > Hari > > > On Mon, Oct 31, 2016 at 3:49 PM, Harinath Mallepally <[email protected]> > wrote: > >> I think it was my mistake. It was my addition of shiro-core into maven >> bundle-plugin, that might have resulted in the behavior i observed, I >> removed it and it worked fine. >> >> >> <plugin> >> <groupId>org.apache.felix</groupId> >> <artifactId>maven-bundle-plugin</artifactId> >> <version>2.4.0</version> >> <extensions>true</extensions> >> <configuration> >> <instructions> >> <Import-Package>*</Import-Package> >> <Embed-Dependency>...,shiro-core</Embed-Dependency> >> </instructions> >> <manifestLocation>${project.basedir}/META-INF</manifestLocation> >> </configuration> >> </plugin> >> >> Thanks >> Hari >> >> I >> >> On Mon, Oct 31, 2016 at 7:12 AM, Brian Demers <[email protected]> >> wrote: >> >>> I know a portion of opendaylight is async, so you _may_ need to >>> configure the static instance of the SecurityManager, But from the stack >>> trace, I do NOT see the Shiro filter. Take a look at >>> http://shiro.apache.org/web.html to see what you would need in your >>> web.xml >>> >>> Let us know how it goes. >>> >>> On Fri, Oct 28, 2016 at 6:09 PM, Harinath Mallepally <[email protected]> >>> wrote: >>> >>>> Brian, >>>> >>>> Here is the log trace >>>> >>>> https://gist.github.com/careerscale/697284952f01e445b10a3bc95f773dac >>>> >>>> >>>> >>>> On Fri, Oct 28, 2016 at 2:41 PM, Brian Demers <[email protected]> >>>> wrote: >>>> >>>>> I'd need to see a bit more of the stacktrace. But i'm guessing your >>>>> call is not in the context of a request. If that is the case you would >>>>> need to enable the static instance of the SecurityManager. >>>>> >>>>> See the note about 'staticSecurityManagerEnabled' in: >>>>> https://shiro.apache.org/static/current/apidocs/org/apache/s >>>>> hiro/web/servlet/AbstractShiroFilter.html >>>>> >>>>> On Fri, Oct 28, 2016 at 4:56 PM, Harinath Mallepally <[email protected] >>>>> > wrote: >>>>> >>>>>> Hi Brian, >>>>>> >>>>>> it is same error , looks like something is wrong. >>>>>> >>>>>> org.apache.shiro.UnavailableSecurityManagerException: No >>>>>> SecurityManager accessible to the calling code, either bound to the >>>>>> org.apache.shiro.util.ThreadContext or as a vm static singleton. >>>>>> This is an invalid application configuration. >>>>>> at org.apache.shiro.SecurityUtils.getSecurityManager(SecurityUt >>>>>> ils.java:123) >>>>>> at org.apache.shiro.subject.Subject$Builder.<init>(Subject.java:627) >>>>>> at org.apache.shiro.SecurityUtils.getSubject(SecurityUtils.java:56) >>>>>> >>>>>> >>>>>> couldn't figure it out. any thoughts? >>>>>> >>>>>> >>>>>> >>>>>> On Fri, Oct 28, 2016 at 10:37 AM, Harinath Mallepally < >>>>>> [email protected]> wrote: >>>>>> >>>>>>> in both cases. I understand that it needs a user context and during >>>>>>> application start, this error makes sense. >>>>>>> >>>>>>> it failed in RPC requests, i expected it to work. >>>>>>> i saw this working fine earlier, might be something got messed up. >>>>>>> will do clean build and try again. >>>>>>> >>>>>>> >>>>>>> On Thu, Oct 27, 2016 at 5:54 PM, Brian Demers < >>>>>>> [email protected]> wrote: >>>>>>> >>>>>>>> Where is that method getting called from? Is it from the context of >>>>>>>> a request or while your application is starting ? >>>>>>>> >>>>>>>> >>>>>>>> On Thu, Oct 27, 2016 at 7:02 PM, Harinath Mallepally < >>>>>>>> [email protected]> wrote: >>>>>>>> >>>>>>>>> Thanks for the response. >>>>>>>>> >>>>>>>>> I tried this way, but results in with error. any thoughts on how >>>>>>>>> do I get handle on this? It looks like something is wrong with >>>>>>>>> configuration or so. >>>>>>>>> >>>>>>>>> private void setListener(){ >>>>>>>>> >>>>>>>>> try { >>>>>>>>> //TODO temp code, remove it >>>>>>>>> AuthenticatingSecurityManager securityMgr = >>>>>>>>> (AuthenticatingSecurityManager) SecurityUtils.getSecurityManag >>>>>>>>> er(); >>>>>>>>> >>>>>>>>> System.out.println(securityMgr); >>>>>>>>> >>>>>>>>> AbstractAuthenticator authentication = >>>>>>>>> (AbstractAuthenticator) securityMgr.getAuthenticator(); >>>>>>>>> >>>>>>>>> authentication.getAuthenticationListeners().add(new >>>>>>>>> CustomAuthenticationListener()); >>>>>>>>> }catch(Exception e){ >>>>>>>>> LOG.error("error {}", e); >>>>>>>>> } >>>>>>>>> } >>>>>>>>> but resulted in with this >>>>>>>>> >>>>>>>>> error {} >>>>>>>>> org.apache.shiro.UnavailableSecurityManagerException: No >>>>>>>>> SecurityManager accessible to the calling code, either bound to the >>>>>>>>> org.apache.shiro.util.ThreadContext or as a vm static singleton. >>>>>>>>> This is an invalid application configuration. >>>>>>>>> at org.apache.shiro.SecurityUtils.getSecurityManager(SecurityUt >>>>>>>>> ils.java:123) >>>>>>>>> >>>>>>>>> ......... >>>>>>>>> >>>>>>>>> On Thu, Oct 27, 2016 at 12:55 PM, Brian Demers < >>>>>>>>> [email protected]> wrote: >>>>>>>>> >>>>>>>>>> I'm not sure, but if I had to guess, I would say you need to >>>>>>>>>> export your package in your bundles config >>>>>>>>>> >>>>>>>>>> On Thu, Oct 27, 2016 at 2:10 PM, Harinath Mallepally < >>>>>>>>>> [email protected]> wrote: >>>>>>>>>> >>>>>>>>>>> yes, I am using shiro.ini, my problem is my class is not being >>>>>>>>>>> identified in karaf (doing it with opendaylight), didn't know how >>>>>>>>>>> to add my >>>>>>>>>>> class into classpath without modifying ODL feature. >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> On Thu, Oct 27, 2016 at 8:13 AM, Brian Demers < >>>>>>>>>>> [email protected]> wrote: >>>>>>>>>>> >>>>>>>>>>>> I you are using a shiro.ini just stick your filter in the >>>>>>>>>>>> [main] section. >>>>>>>>>>>> >>>>>>>>>>>> For example: >>>>>>>>>>>> >>>>>>>>>>>> [main] >>>>>>>>>>>> ... >>>>>>>>>>>> myFilter = com.foo.bar.MyWickedCoolFilter >>>>>>>>>>>> >>>>>>>>>>>> [urls] >>>>>>>>>>>> /path/* = myFilter >>>>>>>>>>>> # or possibly >>>>>>>>>>>> /another/path/* = myFitler[anOption] >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> On Wed, Oct 26, 2016 at 7:50 PM, Allan C. <[email protected]> >>>>>>>>>>>> wrote: >>>>>>>>>>>> >>>>>>>>>>>>> There's a SecurityUtils class that can access the static >>>>>>>>>>>>> SecurityManager object. >>>>>>>>>>>>> >>>>>>>>>>>>> Regards, >>>>>>>>>>>>> Allan C. >>>>>>>>>>>>> >>>>>>>>>>>>> On Thu, Oct 27, 2016 at 6:15 AM, Harinath Mallepally < >>>>>>>>>>>>> [email protected]> wrote: >>>>>>>>>>>>> >>>>>>>>>>>>>> Hi, >>>>>>>>>>>>>> >>>>>>>>>>>>>> is it possible to get reference of SecurityManager so that a >>>>>>>>>>>>>> custom AuthenticationFilter can be added? >>>>>>>>>>>>>> >>>>>>>>>>>>>> >>>>>>>>>>>>>> Please let me know >>>>>>>>>>>>>> >>>>>>>>>>>>>> Thanks >>>>>>>>>>>>>> Hari >>>>>>>>>>>>>> >>>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>> >>>>>>>>> >>>>>>>> >>>>>>> >>>>>> >>>>> >>>> >>> >> >
