org.apache.shiro.web.servlet.ShiroFilter Java Examples
The following examples show how to use
org.apache.shiro.web.servlet.ShiroFilter.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
| Source File: CoreModule.java From onedev with MIT License | 6 votes |
|
private void configureSecurity() {
contributeFromPackage(Realm.class, AbstractAuthorizingRealm.class);
bind(RememberMeManager.class).to(OneRememberMeManager.class);
bind(WebSecurityManager.class).to(OneWebSecurityManager.class);
bind(FilterChainResolver.class).to(OneFilterChainResolver.class);
bind(BasicAuthenticationFilter.class);
bind(BearerAuthenticationFilter.class);
bind(PasswordService.class).to(OnePasswordService.class);
bind(ShiroFilter.class);
install(new ShiroAopModule());
contribute(FilterChainConfigurator.class, new FilterChainConfigurator() {
@Override
public void configure(FilterChainManager filterChainManager) {
filterChainManager.createChain("/**/info/refs", "noSessionCreation, authcBasic, authcBearer");
filterChainManager.createChain("/**/git-upload-pack", "noSessionCreation, authcBasic, authcBearer");
filterChainManager.createChain("/**/git-receive-pack", "noSessionCreation, authcBasic, authcBearer");
}
});
contributeFromPackage(Authenticator.class, Authenticator.class);
}
Example #2
| Source File: ZeppelinServer.java From zeppelin with Apache License 2.0 | 6 votes |
|
private static void setupRestApiContextHandler(WebAppContext webapp, ZeppelinConfiguration conf) {
final ServletHolder servletHolder =
new ServletHolder(new org.glassfish.jersey.servlet.ServletContainer());
servletHolder.setInitParameter("javax.ws.rs.Application", ZeppelinServer.class.getName());
servletHolder.setName("rest");
servletHolder.setForcedPath("rest");
webapp.setSessionHandler(new SessionHandler());
webapp.addServlet(servletHolder, "/api/*");
String shiroIniPath = conf.getShiroPath();
if (!StringUtils.isBlank(shiroIniPath)) {
webapp.setInitParameter("shiroConfigLocations", new File(shiroIniPath).toURI().toString());
webapp
.addFilter(ShiroFilter.class, "/api/*", EnumSet.allOf(DispatcherType.class))
.setInitParameter("staticSecurityManagerEnabled", "true");
webapp.addEventListener(new EnvironmentLoaderListener());
}
}
Example #3
| Source File: ShiroBundle.java From dw-shiro-bundle with BSD 2-Clause "Simplified" License | 6 votes |
|
private void initializeShiro(final ShiroConfiguration config, Environment environment) {
if (config.isEnabled()) {
LOG.debug("Shiro is enabled");
if (config.isDropwizardSessionHandler() && environment.getApplicationContext().getSessionHandler() == null) {
LOG.debug("Adding DropWizard SessionHandler to environment.");
environment.getApplicationContext().setSessionHandler(new SessionHandler());
}
// This line ensure Shiro is configured and its .ini file found in the designated location.
// e.g., via the shiroConfigLocations ContextParameter with fall-backs to default locations if that parameter isn't specified.
environment.servlets().addServletListeners( new EnvironmentLoaderListener() );
final String filterUrlPattern = config.getSecuredUrlPattern();
LOG.debug("ShiroFilter will check URLs matching '{}'.", filterUrlPattern);
environment.servlets().addFilter("shiro-filter", new ShiroFilter()).addMappingForUrlPatterns( EnumSet.allOf(DispatcherType.class), true, filterUrlPattern );
} else {
LOG.debug("Shiro is not enabled");
}
}
Example #4
| Source File: ShiroConfig.java From fastdep with Apache License 2.0 | 5 votes |
|
/**
* shiroFilter
*
* @param securityManager securityManager bean
* @param jwtUtil jwt util bean
* @return shiroFilter
*/
@Bean("shiroFilter")
@ConditionalOnMissingBean(ShiroFilter.class)
public ShiroFilterFactoryBean factory(DefaultWebSecurityManager securityManager, JwtUtil jwtUtil) {
FastDepShiroJwtProperties fastDepShiroJwtProperties = jwtUtil.fastDepShiroJwtProperties;
ShiroFilterFactoryBean factoryBean = new ShiroFilterFactoryBean();
// define your filter and name it as jwt
Map<String, Filter> filterMap = new HashMap<>(1);
filterMap.put("jwt", new JwtFilter(jwtUtil));
factoryBean.setFilters(filterMap);
factoryBean.setSecurityManager(securityManager);
/*
* difine custom URL rule
* http://shiro.apache.org/web.html#urls-
*/
Map<String, FastDepShiroJwtProperties.ShiroRole> filter = fastDepShiroJwtProperties.getFilter();
if (filter.size() > 0) {
LinkedHashMap<String, String> filterRuleMap = filter.values().stream().
collect(Collectors.toMap(FastDepShiroJwtProperties.ShiroRole::getPath,
FastDepShiroJwtProperties.ShiroRole::getRole, (key1, key2) -> key2, LinkedHashMap::new));
// 401 and 404 page does not forward to our filter
factoryBean.setFilterChainDefinitionMap(filterRuleMap);
}
if (fastDepShiroJwtProperties.getFilterChainDefinitions() != null) {
factoryBean.setFilterChainDefinitions(fastDepShiroJwtProperties.getFilterChainDefinitions());
}
factoryBean.setLoginUrl(fastDepShiroJwtProperties.getLoginUrl());
factoryBean.setSuccessUrl(fastDepShiroJwtProperties.getSuccessUrl());
factoryBean.setUnauthorizedUrl(fastDepShiroJwtProperties.getUnauthorizedUrl());
jwtUtil.fastDepShiroJwtAuthorization.shiroFilterFactoryBean(factoryBean);
return factoryBean;
}
Example #5
| Source File: ExampleApplication.java From okta-auth-java with Apache License 2.0 | 5 votes |
|
private void configureShiro(final Environment environment) {
// One line to enable Shiro
environment.jersey().register(ShiroFeature.class); // JAX-RS Feature
// Dropwizard does not load servlet fragments, so we must configure the servlet filter
environment.servlets().addServletListeners(new EnvironmentLoaderListener());
environment.servlets().addFilter("ShiroFilter", ShiroFilter.class)
.addMappingForUrlPatterns(EnumSet.allOf(DispatcherType.class), false, "/*");
}
Example #6
| Source File: ProductServletConfigurator.java From onedev with MIT License | 5 votes |
|
@Inject
public ProductServletConfigurator(ServerConfig serverConfig, ShiroFilter shiroFilter, GitFilter gitFilter,
GitPreReceiveCallback preReceiveServlet, GitPostReceiveCallback postReceiveServlet,
WicketServlet wicketServlet, WebSocketManager webSocketManager,
AttachmentUploadServlet attachmentUploadServlet, ServletContainer jerseyServlet) {
this.serverConfig = serverConfig;
this.shiroFilter = shiroFilter;
this.gitFilter = gitFilter;
this.preReceiveServlet = preReceiveServlet;
this.postReceiveServlet = postReceiveServlet;
this.wicketServlet = wicketServlet;
this.webSocketManager = webSocketManager;
this.jerseyServlet = jerseyServlet;
this.attachmentUploadServlet = attachmentUploadServlet;
}
Example #7
| Source File: WebServletShiroTest.java From attic-polygene-java with Apache License 2.0 | 5 votes |
|
@Test
public void test()
throws Exception
{
int port = FreePortFinder.findFreePortOnLoopback();
Server server = new Server( port );
try {
ServletContextHandler context = new ServletContextHandler();
context.setContextPath( "/" );
context.setInitParameter( "shiroConfigLocations", "classpath:web-shiro.ini" );
context.addEventListener( new EnvironmentLoaderListener() );
context.addFilter( ShiroFilter.class, "/*", EnumSet.of( REQUEST, FORWARD, INCLUDE, ERROR ) );
server.setHandler( context );
server.start();
// HttpClient client = new DefaultHttpClient();
// String result = client.execute( new HttpGet( "http://127.0.0.1:" + port + "/" ), new BasicResponseHandler() );
} finally {
server.stop();
}
}
