Hi all,
I'm using Apache Shiro v1.4.0, in a karaf 4.2.1. I'm also using Jax-RS ->
Apache CXF to expose some rest services. I use Shiro to manage roles and
permissions.
All this stuf work perfectly but i'd like to use annotation to handle
permissions/authorisation.
For that, i've created an injector with 2 modules : ShiroModule and
ShiroAopModule like this :
Injector injector = Guice.createInjector(new ShiroModule() {
@Override
protected void configureShiro() {
try {
bindRealm().toConstructor(IniRealm.class.getConstructor(Ini.class));
} catch (NoSuchMethodException e) {
addError(e);
}
}
@Provides
Ini loadShiroIni() {
// Configuration should be datas from a dataBase service
Ini ini = new Ini();
// Users -and-> password,roles
Map<String, String> users = new HashMap<>();
users.put("admin", "admin,admin");
users.put("user", "user,user");
users.put("guest", "guest,guest");
ini.addSection("users").putAll(users);
// Roles -and-> permissions
Map<String, String> roles = new HashMap<>();
roles.put("admin", "create,read,update,delete");
roles.put("user", "read,update");
roles.put("guest", "read");
ini.addSection("roles").putAll(roles);
return ini;
}
}, new ShiroAopModule());
// Setting a SecurityManager instance
org.apache.shiro.mgt.SecurityManager securityManager =
injector.getInstance(org.apache.shiro.mgt.SecurityManager.class);
SecurityUtils.setSecurityManager(securityManager);
But the anonnation does not work. Could you help me, please.
Thanks for any help.
Best regards.
