Spring MVC and Shiro Configuration using ini files - spring-mvc

I'm trying to set up an environment with Spring MVC and Apache Shiro. I'm following articles mentioned in shiro.apache.org.
I'm using Spring's DelegatingFilterProxy as Shiro Filter in web.xml.
The current filtering is done using:
<bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">
    <property name="securityManager" ref="securityManager"/>
    <property name="loginUrl" value="/login"/>
    <property name="successUrl" value="/dashboard"/>
    <property name="unauthorizedUrl" value="/unauthorized"/>
    <property name="filterChainDefinitions">
        <value>
            /** = authc, user, admin
            /admin/** = authc, admin
            /login = anon
        </value>
    </property>
</bean>
Question is, how do I use shiro.ini file defining security settings?

You don't need to use shiro.ini. All of the rest of your configuration can (and should, since you're using ShiroFilterFactoryBean) be done in Spring.
For example, adding a securityManager and ehCache based cache manager to your shiroFilter:
<bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager">
    <property name="realm" ref="myRealm"/>
    <property name="sessionMode" value="native"/>
    <property name="sessionManager" ref="sessionManager"/>
    <property name="cacheManager" ref="cacheManager"/>
</bean>
<bean id="cacheManager" class="org.apache.shiro.cache.ehcache.EhCacheManager">
    <property name="cacheManager" ref="ehCacheManager"/>
</bean>
<bean id="ehCacheManager"
      class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean"/>
<bean id="sessionDAO"
      class="org.apache.shiro.session.mgt.eis.EnterpriseCacheSessionDAO"/>
<bean id="sessionManager"
      class="org.apache.shiro.web.session.mgt.DefaultWebSessionManager">
    <property name="sessionDAO" ref="sessionDAO"/>
</bean>
<bean id="myRealm" class="com.foo.MyRealm"/>

You can check the Shiro documentation here: http://shiro.apache.org/reference.html; it contains everything. In Spring, as Les said, you usually define different beans instead of using the shiro.ini file, but you can also use this file for authentication. Use IniRealm like:
<bean id="myRealm" class="org.apache.shiro.realm.text.IniRealm">
    <property name="resourcePath" value="classpath:/shiro.ini" />
</bean>
For more detail, refer here.
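
An added example (not from the original posts or from the Shiro project) combining the two answers: an IniRealm supplies accounts and roles from shiro.ini while the URL rules stay in the Spring bean. Shiro evaluates filterChainDefinitions top to bottom and the first matching pattern wins, so with `/**` listed first, as in the question, the `/admin/**` and `/login` lines are never consulted; here the catch-all is moved last. Assumptions: the account names, placeholder passwords and permission strings are constructed, and `roles[admin]` (Shiro's built-in roles filter) stands in for the question's `admin` filter name on the assumption that a role check was intended.

```xml
<beans xmlns="http://www.springframework.org/schema/beans"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xsi:schemaLocation="http://www.springframework.org/schema/beans
                           http://www.springframework.org/schema/beans/spring-beans.xsd">

  <!-- Realm backed by shiro.ini. IniRealm reads only the [users] and [roles]
       sections of that file. Constructed sample content for classpath:/shiro.ini:

         [users]
         # username = password, role1, role2
         alice = CHANGE_ME_1, admin
         bob   = CHANGE_ME_2, user

         [roles]
         # role = permission1, permission2
         admin = *
         user  = dashboard:view
  -->
  <bean id="myRealm" class="org.apache.shiro.realm.text.IniRealm">
    <property name="resourcePath" value="classpath:/shiro.ini"/>
  </bean>

  <bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager">
    <property name="realm" ref="myRealm"/>
  </bean>

  <!-- URL rules stay in Spring. Most specific patterns first, catch-all last,
       because the first matching pattern decides which filters run. -->
  <bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">
    <property name="securityManager" ref="securityManager"/>
    <property name="loginUrl" value="/login"/>
    <property name="successUrl" value="/dashboard"/>
    <property name="unauthorizedUrl" value="/unauthorized"/>
    <property name="filterChainDefinitions">
      <value>
        /login = anon
        /admin/** = authc, roles[admin]
        /** = authc
      </value>
    </property>
  </bean>
</beans>
```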

Related

Will my application work if I don't give handlerMapping in configuration file?

This is my spring-servlet.xml file. I am new to Spring MVC. Do we need to define a bean for HelloWorld.Controller? If I don't define it, will it work?
<bean id="viewResolver" class="org.springframework.web.servlet.view.InternalResourceViewResolver" >
<property name="prefix">
<value>/WEB-INF/jsp/</value>
</property>
<property name="suffix">
<value>.jsp</value>
</property>
</bean>
<bean name="/welcome.htm" class="com.vaannila.HelloWorldController" >
<property name="message" value="Hello World!" />
</bean>
</beans>
If I don't give this bean definition
<bean name="/welcome.htm" class="com.vaannila.HelloWorldController" >
<property name="message" value="Hello World!" />
</bean>
Should MyApplication work or not? I am new to Spring MVC. In a few tutorials this code is there and in a few it's not. Please explain.
Yes, you will need to define the bean (the way to create an instance of a class) for all the Controller/Service/Dao/Component classes you want to use and set the relevant properties.
I would recommend you use annotation-based configuration (Spring Boot), as it eases this whole process. You can find a lot of tutorials on getting started with Spring Boot. Here is one such good tutorial: https://www.mkyong.com/spring-boot/spring-boot-hello-world-example-jsp/

WSO2 API Manager fails when using external ldap

I am setting up WSO2 API Manager to use an external LDAP so it connects to my company's user base for logins, but I am getting the following error, for which I can't find the reason:
2016-09-09 10:44:32,436 [-] [Start Level Event Dispatcher] ERROR Activator Cannot start User Manager Core bundle
java.lang.NullPointerException
at org.wso2.carbon.user.core.config.RealmConfigXMLProcessor.buildRealmConfiguration(RealmConfigXMLProcessor.java:367)
at org.wso2.carbon.user.core.config.RealmConfigXMLProcessor.buildRealmConfiguration(RealmConfigXMLProcessor.java:281)
at org.wso2.carbon.user.core.common.DefaultRealmService.buildBootStrapRealmConfig(DefaultRealmService.java:136)
at org.wso2.carbon.user.core.common.DefaultRealmService.<init>(DefaultRealmService.java:84)
at org.wso2.carbon.user.core.common.DefaultRealmService.<init>(DefaultRealmService.java:113)
at org.wso2.carbon.user.core.internal.Activator.startDeploy(Activator.java:68)
at org.wso2.carbon.user.core.internal.BundleCheckActivator.start(BundleCheckActivator.java:61)
at org.eclipse.osgi.framework.internal.core.BundleContextImpl$1.run(BundleContextImpl.java:711)
at java.security.AccessController.doPrivileged(Native Method)
at org.eclipse.osgi.framework.internal.core.BundleContextImpl.startActivator(BundleContextImpl.java:702)
at org.eclipse.osgi.framework.internal.core.BundleContextImpl.start(BundleContextImpl.java:683)
at org.eclipse.osgi.framework.internal.core.BundleHost.startWorker(BundleHost.java:381)
at org.eclipse.osgi.framework.internal.core.AbstractBundle.resume(AbstractBundle.java:390)
at org.eclipse.osgi.framework.internal.core.Framework.resumeBundle(Framework.java:1176)
at org.eclipse.osgi.framework.internal.core.StartLevelManager.resumeBundles(StartLevelManager.java:559)
at org.eclipse.osgi.framework.internal.core.StartLevelManager.resumeBundles(StartLevelManager.java:544)
at org.eclipse.osgi.framework.internal.core.StartLevelManager.incFWSL(StartLevelManager.java:457)
at org.eclipse.osgi.framework.internal.core.StartLevelManager.doSetStartLevel(StartLevelManager.java:243)
at org.eclipse.osgi.framework.internal.core.StartLevelManager.dispatchEvent(StartLevelManager.java:438)
at org.eclipse.osgi.framework.internal.core.StartLevelManager.dispatchEvent(StartLevelManager.java:1)
at org.eclipse.osgi.framework.eventmgr.EventManager.dispatchEvent(EventManager.java:230)
at org.eclipse.osgi.framework.eventmgr.EventManager$EventThread.run(EventManager.java:340)
Here is my user-mgt.xml:
<UserManager>
<Realm>
<Configuration>
<AddAdmin>false</AddAdmin>
<AdminRole>admin</AdminRole>
<AdminUser>
<UserName>procergs-felipe-schnack</UserName>
<!-- Password>admin</Password -->
</AdminUser>
<EveryOneRoleName>everyone</EveryOneRoleName> <!-- By default users in this role sees the registry root -->
<Property name="isCascadeDeleteEnabled">true</Property>
<Property name="dataSource">jdbc/WSO2CarbonDB</Property>
</Configuration>
<UserStoreManager class="org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager">
<Property name="TenantManager">org.wso2.carbon.user.core.tenant.CommonHybridLDAPTenantManager</Property>
<Property name="ReadOnly">true</Property>
<Property name="ConnectionURL">ldap://ldap1.procergs.reders:389</Property>
<Property name="ConnectionName">uid=wso2,ou=U4S,ou=PROCERGS,o=estado,c=br</Property>
<Property name="ConnectionPassword">xxxx</Property>
<Property name="UserSearchBase">ou=procergs,o=Estado,c=BR</Property>
<Property name="UserNameAttribute">uid</Property>
<Property name="UserNameSearchFilter">uid=?</Property>
<Property name="UserNameListFilter">(objectClass=posixAccount)</Property>
<Property name="DisplayNameAttribute">displayname</Property>
<Property name="ReadGroups">false</Property>
<Property name="GroupSearchBase">ou=system</Property>
<Property name="GroupNameAttribute">cn</Property>
<Property name="GroupNameSearchFilter">(&amp;(objectClass=groupOfNames)(cn=?))</Property>
<Property name="GroupNameListFilter">(objectClass=groupOfNames)</Property>
<Property name="MembershipAttribute">member</Property>
<Property name="BackLinksEnabled">false</Property>
<Property name="UsernameJavaRegEx">[a-zA-Z0-9._-|//]{3,30}$</Property>
<Property name="PasswordJavaRegEx">^[\S]{5,30}$</Property>
<Property name="RolenameJavaRegEx">[a-zA-Z0-9._-|//]{3,30}$</Property>
<Property name="SCIMEnabled">false</Property>
<Property name="PasswordHashMethod">PLAIN_TEXT</Property>
<Property name="MultiAttributeSeparator">,</Property>
<Property name="MaxUserNameListLength">100</Property>
<Property name="MaxRoleNameListLength">100</Property>
<Property name="UserRolesCacheEnabled">true</Property>
<Property name="ConnectionPoolingEnabled">true</Property>
<Property name="LDAPConnectionTimeout">5000</Property>
<Property name="ReadTimeout"/>
<Property name="RetryAttempts"/>
<Property name="ReplaceEscapeCharactersAtUserLogin">true</Property>
<Property name="defaultRealmName">WSO2.ORG</Property>
</UserStoreManager>
<AuthorizationManager class="org.wso2.carbon.user.core.authorization.JDBCAuthorizationManager">
<Property name="AdminRoleManagementPermissions">/permission</Property>
<Property name="AuthorizationCacheEnabled">true</Property>
<Property name="GetAllRolesOfUserEnabled">false</Property>
</AuthorizationManager>
</Realm>
</UserManager>
What am I missing? I tried to look up the source code in the WSO2 SVN repo but I am still lost.
Thanks!
Actually, you need to point to an existing user in your LDAP to be the super user of the system. The super user is a special user in the system which has all the permissions to manage the system. Hence this configuration is required. You can use the Cipher Tool to encrypt your password and store it. You can refer to this.

Content Negotiation in Spring by AbstractCachingViewResolver order attribute uses

What does p:order="1" mean for my application?
Is it any kind of priority for loading bean classes in my application?
<bean class="org.springframework.web.servlet.mvc.annotation.DefaultAnnotationHandlerMapping">
<property name="order" value="2" />
<property name="interceptors">
<list>
<ref bean="localeChangeInterceptor"/>
</list>
</property>
<property name="defaultHandler">
<bean class="org.springframework.web.servlet.mvc.UrlFilenameViewController"/>
</property>
</bean>
<bean id="ajaxViewResolver" class="org.springframework.js.ajax.AjaxUrlBasedViewResolver" p:order="1">
<property name="viewClass" value="org.springframework.js.ajax.tiles3.AjaxTilesView"/>
</bean>
<bean id="tilesViewResolver" class="org.springframework.web.servlet.view.UrlBasedViewResolver" p:order="2">
<property name="viewClass" value="org.springframework.web.servlet.view.tiles3.TilesView"/>
</bean>
In the second code, p:order="1" is the order of deployment/loading of beans in the container.
I found it helpful, so I am sharing it. The order is the order in which the Spring framework resolves the views.
I went to a blog and the documentation.
A spring Blog
Documentation
When chaining ViewResolvers, a UrlBasedViewResolver always needs
to be last, as it will attempt to resolve any view name, no matter whether
the underlying resource actually exists.

How to Load labels via Properties file in FreeMarker

I am using Spring MVC + FreeMarker integration. As I am new to FreeMarker, I am not able to find a way to configure FreeMarker labels from a properties file.
Kindly help me out on this.
Thanks.
You can use the 'ResourceBundleMessageSource' message source for this.
<bean id="messageSource"
      class="org.springframework.context.support.ResourceBundleMessageSource">
    <property name="basename" value="classpath:messages/messages" />
    <property name="defaultEncoding" value="UTF-8"/>
</bean>
Define the locale resolver,
<bean id="localeResolver"
class="org.springframework.web.servlet.i18n.SessionLocaleResolver">
<property name="defaultLocale" value="en" />
</bean>
Define a localeChangeInterceptor, which detects the language parameter from the user session and calls the locale resolver, and register the interceptor in the handler mappings.
<bean id="localeChangeInterceptor"
      class="org.springframework.web.servlet.i18n.LocaleChangeInterceptor">
    <property name="paramName" value="lang" />
</bean>
<bean class="org.springframework.web.servlet.mvc.support.ControllerClassNameHandlerMapping" >
    <property name="interceptors">
        <list>
            <ref bean="localeChangeInterceptor" />
        </list>
    </property>
</bean>
Property files need to be defined like,
messages_en.properties
messages_ar.properties
inside the messages folder path.
'ReloadableResourceBundleMessageSource' can be used if the language property files change frequently. That means you don't have to restart the application on each language file change.
You need to import the Spring macro,
<#import "/spring.ftl" as spring/>
and messages can be accessed inside a .ftl as follows.
<@spring.message "customMessageKey"/>

Configuring FreeMarker In Spring Application

I am new to FreeMarker, but I want to fetch the data from my Spring application into my view, which has the extension .ftl. I am using ${message} but it displays as usual. It should display the data which is available in message from the Spring application.
I have configured the dispatcherServlet as below
<bean id="freemarkerConfig" class="org.springframework.web.servlet.view.freemarker.FreeMarkerConfigurer">
<property name="templateLoaderPath" value="/WEB-INF/freemarker/"/>
</bean>
<bean id="viewResolver" class="org.springframework.web.servlet.view.InternalResourceViewResolver">
<property name="cache" value="true"/>
<property name="prefix" value="/WEB-INF/jsp/"/>
<property name="suffix" value=".ftl"/>
</bean>
You don't use InternalResourceViewResolver with FreeMarker; you use FreeMarkerViewResolver. Replace that, and you should be fine.
Also, I suggest not putting your freemarker templates in /WEB-INF/jsp. They're not JSPs, and should never be treated as such.
