Great! Keep us in the loop!
On Tue, Dec 13, 2016 at 7:56 PM, Harinath Mallepally <[email protected]> wrote: > Hi Brian, > > Thanks for the response. I think I got it. > > ODL Has has web.xml is configured with shiro filter, so when I re built > the sal-rest-connector module with this filter property it worked fine > > <filter> > <filter-name>ShiroFilter</filter-name> > <filter-class>org.opendaylight.aaa.shiro.filters.AAAFilter</filter-class> > <init-param> > <param-name>staticSecurityManagerEnabled</param-name> > <param-value>true</param-value> > </init-param> > </filter> > > > So for now, I got 2 options. > > > 1. Bundle customized ODL sal-rest-connector with our product (with this small > change). > > 2. Use dummy user context (RPC cal) on startup of the karaf and register my > authentication listener. > > > will discuss with my colleagues and based on the decision will go with one of > them. > > > Thanks for the guidance. > > Hari > > > > > > On Mon, Dec 12, 2016 at 4:10 PM, Brian Demers <[email protected]> > wrote: > >> I'm guessing your are referring to this: >> https://github.com/careerscale/opendaylight-demo/blob/49b614 >> 37ccf7f19ec9633be450799971e7bca67f/impl/src/main/java/com/ >> company/sdn/impl/ConnectorRpcProvider.java#L59 >> >> Instead of looking up the static instance, can you just pass one into >> your constructor? Where is the constructor called? Ideally you should be >> able to get the SecurityManager instance from the frame work you are using >> (Guice, Spring, etc). >> >> I know this doesn't give you a concrete answer, but maybe we should back >> up a bit, so we can understand how your application is configured. How is >> the Shiro SecurityManager configured in your environment ? >> >> On Mon, Dec 12, 2016 at 6:24 PM, Harinath Mallepally <[email protected]> >> wrote: >> >>> Hi Brian, >>> >>> FYI >>> >>> I have sample project with ODL >>> https://github.com/careerscale/opendaylight-demo >>> >>> ConnectorRpcProvider has test code in couple of places. it is working >>> fine in RPC context (as there is user context available, but not in the >>> constructor method where the user context is not present. >>> >>> try { >>> AuthenticatingSecurityManager securityMgr = >>> (AuthenticatingSecurityManager) SecurityUtils.getSecurityManager(); >>> >>> LOG.info("security mgr {}",securityMgr); >>> >>> AbstractAuthenticator authentication = (AbstractAuthenticator) >>> securityMgr.getAuthenticator(); >>> >>> authentication.getAuthenticationListeners().add(new >>> CustomAuthenticationListener()); >>> >>> } catch (Exception e) { >>> LOG.error("error {}", e); >>> } >>> >>> >>> >>> >>> >>> >>> On Fri, Dec 9, 2016 at 3:38 PM, Brian Demers <[email protected]> >>> wrote: >>> >>>> I'm not sure, but I'm guessing you will run into classloader issues >>>> with a static instance. >>>> >>>> Do you have an example project (something simple that can be used to >>>> illustrate the point)? Maybe that will help others as well. >>>> >>>> -Brian >>>> >>>> On Fri, Dec 9, 2016 at 4:58 PM, Harinath Mallepally <[email protected]> >>>> wrote: >>>> >>>>> Hi Brian, >>>>> I know it is not directly related with shiro, but trying to see how do >>>>> I configure this property in karaf? >>>>> staticSecurityManagerEnabled >>>>> >>>>> >>>>> Thanks >>>>> Hari >>>>> >>>>> On Fri, Oct 28, 2016 at 2:41 PM, Brian Demers <[email protected]> >>>>> wrote: >>>>> >>>>>> I'd need to see a bit more of the stacktrace. But i'm guessing your >>>>>> call is not in the context of a request. If that is the case you would >>>>>> need to enable the static instance of the SecurityManager. >>>>>> >>>>>> See the note about 'staticSecurityManagerEnabled' in: >>>>>> https://shiro.apache.org/static/current/apidocs/org/apache/s >>>>>> hiro/web/servlet/AbstractShiroFilter.html >>>>>> >>>>>> On Fri, Oct 28, 2016 at 4:56 PM, Harinath Mallepally < >>>>>> [email protected]> wrote: >>>>>> >>>>>>> Hi Brian, >>>>>>> >>>>>>> it is same error , looks like something is wrong. >>>>>>> >>>>>>> org.apache.shiro.UnavailableSecurityManagerException: No >>>>>>> SecurityManager accessible to the calling code, either bound to the >>>>>>> org.apache.shiro.util.ThreadContext or as a vm static singleton. >>>>>>> This is an invalid application configuration. >>>>>>> at org.apache.shiro.SecurityUtils.getSecurityManager(SecurityUt >>>>>>> ils.java:123) >>>>>>> at org.apache.shiro.subject.Subject$Builder.<init>(Subject.java:627) >>>>>>> at org.apache.shiro.SecurityUtils.getSubject(SecurityUtils.java:56) >>>>>>> >>>>>>> >>>>>>> couldn't figure it out. any thoughts? >>>>>>> >>>>>>> >>>>>>> >>>>>>> On Fri, Oct 28, 2016 at 10:37 AM, Harinath Mallepally < >>>>>>> [email protected]> wrote: >>>>>>> >>>>>>>> in both cases. I understand that it needs a user context and during >>>>>>>> application start, this error makes sense. >>>>>>>> >>>>>>>> it failed in RPC requests, i expected it to work. >>>>>>>> i saw this working fine earlier, might be something got messed up. >>>>>>>> will do clean build and try again. >>>>>>>> >>>>>>>> >>>>>>>> On Thu, Oct 27, 2016 at 5:54 PM, Brian Demers < >>>>>>>> [email protected]> wrote: >>>>>>>> >>>>>>>>> Where is that method getting called from? Is it from the context >>>>>>>>> of a request or while your application is starting ? >>>>>>>>> >>>>>>>>> >>>>>>>>> On Thu, Oct 27, 2016 at 7:02 PM, Harinath Mallepally < >>>>>>>>> [email protected]> wrote: >>>>>>>>> >>>>>>>>>> Thanks for the response. >>>>>>>>>> >>>>>>>>>> I tried this way, but results in with error. any thoughts on how >>>>>>>>>> do I get handle on this? It looks like something is wrong with >>>>>>>>>> configuration or so. >>>>>>>>>> >>>>>>>>>> private void setListener(){ >>>>>>>>>> >>>>>>>>>> try { >>>>>>>>>> //TODO temp code, remove it >>>>>>>>>> AuthenticatingSecurityManager securityMgr = >>>>>>>>>> (AuthenticatingSecurityManager) SecurityUtils.getSecurityManag >>>>>>>>>> er(); >>>>>>>>>> >>>>>>>>>> System.out.println(securityMgr); >>>>>>>>>> >>>>>>>>>> AbstractAuthenticator authentication = >>>>>>>>>> (AbstractAuthenticator) securityMgr.getAuthenticator(); >>>>>>>>>> >>>>>>>>>> authentication.getAuthenticationListeners().add(new >>>>>>>>>> CustomAuthenticationListener()); >>>>>>>>>> }catch(Exception e){ >>>>>>>>>> LOG.error("error {}", e); >>>>>>>>>> } >>>>>>>>>> } >>>>>>>>>> but resulted in with this >>>>>>>>>> >>>>>>>>>> error {} >>>>>>>>>> org.apache.shiro.UnavailableSecurityManagerException: No >>>>>>>>>> SecurityManager accessible to the calling code, either bound to the >>>>>>>>>> org.apache.shiro.util.ThreadContext or as a vm static >>>>>>>>>> singleton. This is an invalid application configuration. >>>>>>>>>> at org.apache.shiro.SecurityUtils.getSecurityManager(SecurityUt >>>>>>>>>> ils.java:123) >>>>>>>>>> >>>>>>>>>> ......... >>>>>>>>>> >>>>>>>>>> On Thu, Oct 27, 2016 at 12:55 PM, Brian Demers < >>>>>>>>>> [email protected]> wrote: >>>>>>>>>> >>>>>>>>>>> I'm not sure, but if I had to guess, I would say you need to >>>>>>>>>>> export your package in your bundles config >>>>>>>>>>> >>>>>>>>>>> On Thu, Oct 27, 2016 at 2:10 PM, Harinath Mallepally < >>>>>>>>>>> [email protected]> wrote: >>>>>>>>>>> >>>>>>>>>>>> yes, I am using shiro.ini, my problem is my class is not being >>>>>>>>>>>> identified in karaf (doing it with opendaylight), didn't know how >>>>>>>>>>>> to add my >>>>>>>>>>>> class into classpath without modifying ODL feature. >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> On Thu, Oct 27, 2016 at 8:13 AM, Brian Demers < >>>>>>>>>>>> [email protected]> wrote: >>>>>>>>>>>> >>>>>>>>>>>>> I you are using a shiro.ini just stick your filter in the >>>>>>>>>>>>> [main] section. >>>>>>>>>>>>> >>>>>>>>>>>>> For example: >>>>>>>>>>>>> >>>>>>>>>>>>> [main] >>>>>>>>>>>>> ... >>>>>>>>>>>>> myFilter = com.foo.bar.MyWickedCoolFilter >>>>>>>>>>>>> >>>>>>>>>>>>> [urls] >>>>>>>>>>>>> /path/* = myFilter >>>>>>>>>>>>> # or possibly >>>>>>>>>>>>> /another/path/* = myFitler[anOption] >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> On Wed, Oct 26, 2016 at 7:50 PM, Allan C. <[email protected]> >>>>>>>>>>>>> wrote: >>>>>>>>>>>>> >>>>>>>>>>>>>> There's a SecurityUtils class that can access the static >>>>>>>>>>>>>> SecurityManager object. >>>>>>>>>>>>>> >>>>>>>>>>>>>> Regards, >>>>>>>>>>>>>> Allan C. >>>>>>>>>>>>>> >>>>>>>>>>>>>> On Thu, Oct 27, 2016 at 6:15 AM, Harinath Mallepally < >>>>>>>>>>>>>> [email protected]> wrote: >>>>>>>>>>>>>> >>>>>>>>>>>>>>> Hi, >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> is it possible to get reference of SecurityManager so that a >>>>>>>>>>>>>>> custom AuthenticationFilter can be added? >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> Please let me know >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> Thanks >>>>>>>>>>>>>>> Hari >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> >>>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>> >>>>>>>>> >>>>>>>> >>>>>>> >>>>>> >>>>> >>>> >>> >> >
