Stack Overflow
Stack Overflow

Questions tagged [shiro]

Apache Shiro is a Java security framework that performs authentication, authorization, cryptography, and session management.

Apache Shiro is a Java security framework that performs authentication, authorization, cryptography, and session management. Shiro's API provides mechanisms to secure a variety of application types, including mobile software, web apps, and enterprise systems.

Shiro can be configured using .ini files, programmatic setup, or a combination of both. For more information see:

1252 questions
0
votes
1 answer

Shiro Annotations with Spring

i am new to shiro i am integrating shiro with spring and i am trying to use shiro annotations on Spring controllers but they are not working , the controller stop working when i put the @RequiresPermissions("W027:UPDT") on the Controller method .…
duke
  • 43
  • 2
  • 6
0
votes
2 answers

Jersey and other JAX-RS api extensions - e.g. Shiro, Guice

Does Jersey got any extensions to support frameworks like Shiro, Guice for example? Or do you use them seperately, independent from jersey? How does it look for other JAX-RS frameworks. Restlet, RestEasy - do they provide any extensions or is it…
Robin Wieruch
  • 14,900
  • 10
  • 82
  • 107
-1
votes
1 answer

Is there a way to force re-login with pac4j Java with shiro

I want the user to have to re-authenticate in certain cases where they are about to perform privileged actions. Of course I can log them out and the login flow would just start over but that seems messy. It seems like getting access to the pac4j…
Joel Wenzel
  • 9
  • 1
  • 2
-1
votes
2 answers

Achieve Dynamic REST Resource specific Authorization

We have a SpringBoot based module, we have REST APIs which allow creating resources with Params like Request POST /resources { "resourceName": "Res1", "admins": ["john.doe@company.com", "jane.doe@company.com"] } Response { "id": "R1" …
Shubham
  • 58
  • 6
-1
votes
1 answer

Can we use Apache Shiro with angular 8

Can we use shiro with angular 8 based application. Currently we have spring thymeleaf based application with shiro. We are converting it to spring rest and angular based application. Now we need to include the authenication mechanishm for UI. Can we…
Learner
  • 237
  • 4
  • 15
-1
votes
1 answer

How to implement Apache Shiro MD5Hash in C#

What's the equivalent C# code of following Java code: import org.apache.shiro.crypto.hash.Md5Hash; public static String enPwd(String username, String pwd) { return (new Md5Hash(username + pwd, username, 2)).toHex().toString(); } I want to know how…
Sven
  • 79
  • 10
-1
votes
1 answer

User can view everyone's profile but only edit its own, how to implement in Shiro?

I am developing a small Java project with rest service and Apache Shiro. One requirement is that an authenticated user can view everyone's profile but can only edit its own profile. Can I implement using Permission and how?
Chenxi
  • 87
  • 8
-1
votes
3 answers

shiro authorization filter getting called multiple times

I wrote a authentication and authorization module using apache shiro and google oauth and microsoft 365 oauth. It lets users login using there google/ms credential no problem, but the authorization filter gets called so many times. Below is a…
Arka Mallick
  • 1,206
  • 3
  • 15
  • 28
-1
votes
1 answer

migrating CQ 5.6.1(jdk 1.7) to AEM 6.4(jdk 1.8), Unable to deserialze byte array while reading session from Cassandra using Serializer

i am migrating java bundles from CQ 5.6.1 to AEM 6.4, bundle is working in jdk 1.7, code is using apache shiro to serealize and deserialize session, here is the code to save and read session stored in Cassandra it works good with AEM 5.6.1 and 6.1…
Shekhar Maheshwari
  • 1
  • 2
-1
votes
1 answer

shiro session update: Connection is read-only. Queries leading to data modification are not allowed

we use java SSH, recently we encountered the following problem frequently,not sure what happened, i searched so many times and no such shiro related scenario occured,we use shiro as authenticaiton framework, and customized the sessionDAO including…
barry
  • 1
  • 1
-1
votes
1 answer

Apache Shiro : Filter vs Realm, which one to use?

Use case : HTTP context, I need to restrict access to urls given a certain session attribute state Extending the is* methods of AccessControlFilter in a custom filter works, but it looks sorta ugly : I have no Realm. AFAIK Realms are used for things…
Laurent Perez
  • 548
  • 5
  • 15
-1
votes
1 answer

Trying to secure Spring Web MVC using Apache Shiro where user management is achieved through Stormpath Api.

I am trying to secure my Spring Web MVC project using Apache Shiro and Stormpath. I went through some tutorials on the web and got an example configuration through shiro.ini file example, and also configuring Shiro through Spring's…
Bibek Khadka
  • 180
  • 1
  • 17
-1
votes
1 answer

How to pass multipart file along with file name to post method using Apache httpclient 3.x?

service code: @RequestMapping(value="/uploadFile", method=RequestMethod.POST, consumes = "multipart/form-data") public String uploadFile(@RequestParam("file") MultipartFile file,@RequestParam("filePath") String filePath){ //logic here } Part of…
user6834504
  • 1
  • 1
-1
votes
1 answer

Implement Caching in Apache Shiro using JBoss Infinspan

I am using Apache shiro in a project for security implementation. I have injected the security realm using CDI. I want to implement authentication and authorization caching in shiro using Jboss Infinispan. Can someone please share some pointers?
Codebuster
  • 3
  • 2
-1
votes
1 answer

Strange error occured in shiro doGetAuthorizationInfo method

I am encountered with a strange error for a few days,and still in puzzled,details are below: I'm using apache shiro with spring, after some work,I got ready to setup "doGetAuthorizationInfo" method,because I'm using "@RequiresRoles" in my…
blue
  • 1
  • 3
1 2 3
83
84