Take a look at flowlogix-jee It integrates with java ee and makes the annotations work
> On Jun 3, 2017, at 1:13 PM, Yu Wei <[email protected]> wrote: > > I also noticed that jersey is not officially supported. > > Currently I have a web service written with jersey, and need to secure it. > > However, shiro-jersey is not updated for almost 3 years and shiro version > supported is 1.2.3. > > > I'm looking for other solutions. > > > Any advice? > > Thanks, > > Jared, (韦煜) > Software developer > Interested in open source software, big data, Linux > From: Tamás Cservenák <[email protected]> > Sent: Sunday, June 4, 2017 2:06:51 AM > To: [email protected] > Subject: Re: annotations doesn't take effect, please help to have a look > > Hi there, > > and how did you integrate shiro annotations? For those to be picked up, you > should use either guice, spring or some "home made" thing... > > https://shiro.apache.org/java-annotations.html > > From "integrations" page > https://shiro.apache.org/integration.html > For Jersey, it enlists this > https://github.com/silb/shiro-jersey > > Thanks, > T > >> On Sat, Jun 3, 2017 at 7:54 PM Yu Wei <[email protected]> wrote: >> I'm using jersey. >> shiro version is 1.2.3. >> >> Thanks, >> >> Jared, (韦煜) >> Software developer >> Interested in open source software, big data, Linux >> From: Laszlo Hornyak <[email protected]> >> Sent: Sunday, June 4, 2017 1:41:51 AM >> To: [email protected] >> Subject: Re: annotations doesn't take effect, please help to have a look >> >> Hi Yu, >> >> What version of shiro do you use? Are you using the rest resources with >> spring? >> >> Best regards, >> Laszlo >> >>> On Sat, Jun 3, 2017 at 7:23 PM, Yu Wei <[email protected]> wrote: >>> Hi guys, >>> >>> I tried to use annotations for authentication/authorization. However, it >>> doesn't work as expected. >>> >>> Below is shiro.ini, >>> >>> [main] >>> >>> # basic authentication >>> authc = org.apache.shiro.web.filter.authc.PassThruAuthenticationFilter >>> >>> # password matcher >>> pwMatcher = org.apache.shiro.authc.credential.PasswordMatcher >>> pwService = org.apache.shiro.authc.credential.DefaultPasswordService >>> pwMatcher.passwordService = $pwService >>> >>> # data source configuration, using JndiObjectFactory to look up the >>> attributes >>> datasrc = org.apache.shiro.jndi.JndiObjectFactory >>> datasrc.requiredType = javax.sql.DataSource >>> datasrc.resourceName = mysql/ustudy >>> datasrc.resourceRef = true >>> >>> realm = org.apache.shiro.realm.jdbc.JdbcRealm >>> realm.permissionsLookupEnabled = true >>> realm.dataSource = $datasrc >>> realm.authenticationQuery = select usr_passwd from sec_users where >>> loginname = ? >>> realm.credentialsMatcher = $pwMatcher >>> >>> securityManager.realms = $realm >>> >>> [users] >>> >>> [roles] >>> >>> [urls] >>> /services/info/list/** = authc, roles[admin] >>> /services/info/add/** = authcBasic, roles[admin] >>> /services/info/update/** = authcBasic, roles[admin] >>> /services/info/delete/** = authcBasic, roles[admin] >>> >>> In servlet app, one method handle http request is as following, >>> >>> @GET >>> @RequiresAuthentication >>> @RequiresPermissions("list:view") >>> @Path("list/{type}/{id}") >>> @Produces(MediaType.APPLICATION_JSON) >>> public Response getList() >>> >>> It seems that @RequiresAuthentication and @RequiresPermissions("list:view") >>> do not take effect. >>> >>> >>> Do I misunderstand anything? Or any error in my code? >>> >>> >>> Thanks, >>> >>> Jared, (韦煜) >>> Software developer >>> Interested in open source software, big data, Linux >> >> >> >> -- >> >> EOF > > -- > Thanks, > ~t~ >
