Questions tagged [shiro]

Apache Shiro is a Java security framework that performs authentication, authorization, cryptography, and session management.

Apache Shiro is a Java security framework that performs authentication, authorization, cryptography, and session management. Shiro's API provides mechanisms to secure a variety of application types, including mobile software, web apps, and enterprise systems.

Shiro can be configured using .ini files, programmatic setup, or a combination of both. For more information see:

1252 questions

votes

1 answer

How to get the HTTP status from the response returned by shiro authentication

Now I am using Shiro integrated with Spring to protect my project. Mainly filter the request according to the roles. Now I meet a problem. For example, after I logged in some time, the session is out and at this time when I click some buttons which…

asked Jun 05 '13 at 16:13

aldrich

votes

1 answer

GORM (Hibernate) tries to map non-domain classes; gives DuplicateMappingException

I am upgrading my Grails app from version 2.1.0. Prior to this upgrade the application was behaving fine. I downloaded and set-up the new version of Grails (initially I tried version 2.2.1 but tried going to 2.2.2 today) and did a Grails upgrade on…

grails grails-orm grails-plugin shiro grails-2.2

asked May 19 '13 at 09:59

David

1,940
3
17
30

votes

2 answers

Cas 3.5.2 audit failed

I am a new-hander to cas. I download cas-server-3.5.2 and cas-client-3.2.1,then I deploy the cas server to tomcat 6 and 7. I change the configuration in deployementConfig.xml and some other file to disable ssl and enable mysql db. when I open the…

spring cas shiro

asked May 19 '13 at 09:31

yyz

votes

2 answers

JAX-RS: Authenticate with multiple principals (more than just username)

Using a Jersey service, what would be the most elegant method to authenticate a user with more than just username and password? say, a Business Id, and username as the Principals, and password as the only Credential. I have a postgres DB with a…

java jakarta-ee jersey ws-security shiro

asked May 18 '13 at 21:21

Alon Amir

4,913
9
47
86

votes

1 answer

Using CDI except a Java Web Application

From Doc i m trying to learn Context and Dependency injection . In tutorials CDI seems can be only use in a Web application.Can i use CDI in a Java Console project ? And How? I added libraries like javax.enterprice.deploy and cdi-api.I m trying to…

security dependency-injection aspectj cdi shiro

asked Apr 25 '13 at 15:21

Malcolmxappa

votes

1 answer

How do you cache data only for the duration of the http request using apache shiro in a servlet container?

More specifically, I find that I'm implementing a custom AuthorizingRealm, which declares template methods doGetAuthenticationInfo() and doGetAuthorizationInfo() for returning AuthenticationInfo and AuthorizationInfo objects, respectively. However,…

java jakarta-ee servlets shiro

asked Apr 13 '13 at 08:32

Shaun

2,490
6
30
39

votes

1 answer

Specifying Shiro's LifecycleBeanPostProcessor in programmatic Spring @Configuration causes errors

I have a Spring web app I am configuring programatically. I am trying out Apache Shiro as my authentication framework and I have run into issues integrationg Shiro with Spring, specifically using programmatic configuration (as I decided I did not…

spring shiro

asked Mar 21 '13 at 04:26

Jensen Ching

3,144
4
26
42

votes

2 answers

Encapsulating Shiro Subject

I would like to encapsulate Apache Shiro in a Servlet environment. I want to create MySecurityUtils and use Shiro SecurityUtils.getSubject in a static method. My question is whether this is a correct way to use SecurityUtils.getSubject method in a…

java security servlets shiro

asked Mar 12 '13 at 14:34

Koray Güclü

2,857
1
34
30

votes

1 answer

Tomcat server remote redeployement

We have a web app using Apache Shiro for security and deployed in a Tomcat 7 server, and an administration application in java swing. One of the purposes of the administration application is to manage urls access rights for users in the web…

java tomcat jmx shiro

asked Feb 15 '13 at 09:25

AxelF

votes

1 answer

How to manage web sessions for different web apps with single sign on?

I have 2 osgi distributed web apps A(A1, A2) and B(B1, B2), i am using shiro to share the http sessions for single sign on so that logginng in one system logs in the other too. But I want the session data to be separated between system A and B apart…

osgi shiro

asked Feb 08 '13 at 16:05

Jay Huang

votes

1 answer

Grails Web App - Show current logged in users

ive created a grails app and used Apache Shire plugin http://shiro.apache.org/ for security and logging in purposes. I wanted to find out if anyone knows how I can get a list of the users who are currently logged in to the web application? Where…

java apache grails shiro

asked Jan 18 '13 at 01:28

Tyler Evans

votes

2 answers

Can't understand Shiro behavior on custom login page request

I'm using Apache Shiro to secure my Spring MVC application. This is my config:

java spring-mvc servlet-filters shiro

asked Jan 17 '13 at 03:27

Sotirios Delimanolis

274,122
60
696
724

votes

1 answer

Apache Shiro Guice Servlet Configure redirectUrl for AUTHC Filter

How can I configure the redirect URL for the AUTHC Filter given by Shiro? I know how to configure it in an INI file, but I need to know how to configure it in my extension of the ShiroWebModule. Thanks!

servlets guice servlet-filters shiro guice-servlet

asked Jan 14 '13 at 20:13

Benjamin Ihrig

votes

1 answer

Shiro standalone application

This is my META-INF/spring/beans.xml