All geek questions in one place

Spring MVC and Shiro configuration using ini files

I am trying to set up the environment using Spring MVC and Apache Shiro. I follow the articles listed on shiro.apache.org.

I am using Spring DelegatingFilterProxy as a Shiro filter in web.xml.

Current filtering is performed using:

<bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean"> <property name="securityManager" ref="securityManager"/> <property name="loginUrl" value="/login"/> <property name="successUrl" value="/dashboard"/> <property name="unauthorizedUrl" value="/unauthorized"/> <property name="filterChainDefinitions"> <value> /** = authc, user, admin /admin/** = authc, admin /login = anon </value> </property> </bean>

The question is, how can I use the siro.ini file that defines the security settings?

+6
source share
2 answers

You do not need to use shiro.ini. The rest of your configuration can (and should, since you are using ShiroFilterFactoryBean) run in Spring.

For example, adding the securityManager and ehCache cache manager to your siroFilter:

 <bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager"> <property name="realm" ref="myRealm"/> <property name="sessionMode" value="native"/> <property name="sessionManager" ref="sessionManager"/> <property name="cacheManager" ref="cacheManager"/> </bean> <bean id="cacheManager" class="org.apache.shiro.cache.ehcache.EhCacheManager"> <property name="cacheManager" ref="ehCacheManager"/> </bean> <bean id="ehCacheManager" class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean"/> <bean id="sessionDAO" class="org.apache.shiro.session.mgt.eis.EnterpriseCacheSessionDAO"/> <bean id="sessionManager" class="org.apache.shiro.web.session.mgt.DefaultWebSessionManager"> <property name="sessionDAO" ref="sessionDAO"/> </bean> <bean id="myRealm" class="com.foo.MyRealm"/>
+8
source

Here you can check the siro documentation http://shiro.apache.org/reference.html , it contains everything in spring, as Les said, usually define different beans instead of using shiro.ini, but you can also use this file for authentication use IniRealm like:

 <bean id="myRealm" class="org.apache.shiro.realm.text.IniRealm"> <property name="resourcePath" value="classpath:/shiro.ini" /> </bean>

more details apply here

+8
source

Source: https://habr.com/ru/post/897486/

More articles:


All Articles