Is there a way to configure Shiro with orientDB??

classic Classic list List threaded Threaded
6 messages Options
Reply | Threaded
Open this post in threaded view
|

Is there a way to configure Shiro with orientDB??

Sunil kumar
This is my *shiro.ini* file

jdbcRealm = org.apache.shiro.realm.jdbc.JdbcRealm
jdbcRealm.permissionsLookupEnabled = false

jdbcRealm.authenticationQuery = SELECT Password FROM User WHERE Name = ?

ds = com.orientechnologies.orient.jdbc.OrientJdbcDriver
ds.serverName = localhost
ds.user = root
ds.password = root
ds.databaseName = configurationData
jdbcRealm.dataSource = $ds

securityManager.realms = $jdbcRealm
securityManager.sessionManager.globalSessionTimeout = 6000



--
Sent from: http://shiro-user.582556.n2.nabble.com/
Reply | Threaded
Open this post in threaded view
|

Re: Is there a way to configure Shiro with orientDB??

Brian Demers
What problem are you seeing?

-Brian

> On Jan 24, 2019, at 8:31 AM, Sunil kumar <[hidden email]> wrote:
>
> This is my *shiro.ini* file
>
> jdbcRealm = org.apache.shiro.realm.jdbc.JdbcRealm
> jdbcRealm.permissionsLookupEnabled = false
>
> jdbcRealm.authenticationQuery = SELECT Password FROM User WHERE Name = ?
>
> ds = com.orientechnologies.orient.jdbc.OrientJdbcDriver
> ds.serverName = localhost
> ds.user = root
> ds.password = root
> ds.databaseName = configurationData
> jdbcRealm.dataSource = $ds
>
> securityManager.realms = $jdbcRealm
> securityManager.sessionManager.globalSessionTimeout = 6000
>
>
>
> --
> Sent from: http://shiro-user.582556.n2.nabble.com/
Reply | Threaded
Open this post in threaded view
|

Re: Is there a way to configure Shiro with orientDB??

Sunil kumar
org.apache.shiro.config.ConfigurationException: Property 'serverName' does
not exist for object of type
com.orientechnologies.orient.jdbc.OrientJdbcDriver.
at
org.apache.shiro.config.ReflectionBuilder.isTypedProperty(ReflectionBuilder.java:413)



I'm getting this exception when I this configuration.


I am not clear about how to change my shiro.ini file to connect to orientdb
using jdbc realm



--
Sent from: http://shiro-user.582556.n2.nabble.com/
Reply | Threaded
Open this post in threaded view
|

Re: Is there a way to configure Shiro with orientDB??

Andreas Reichel
In reply to this post by Brian Demers
Hi Sunil.

You easily can build your own Custom JDBC Realm, taking care of the particular connection settings.
I found that much easier then to fidle with the generic JDBC realm.

For reference, see my own realm attached, you will need to implement at least the highlighted parts:

  /**
   * This implementation of the interface expects the principals collection to return a String
   * username keyed off of this realm's [hidden email] #getName() name}
   *
   * @see #getAuthorizationInfo(org.apache.shiro.subject.PrincipalCollection)
   */
  @Override
  protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {

    // null usernames are invalid
    if (principals == null) {
      throw new AuthorizationException("PrincipalCollection method argument cannot be null.");
    }

    String username = (String) getAvailablePrincipal(principals);

    Connection conn = null;
    Set<String> roleNames = null;
    Set<String> permissions = null;
    try {
      conn = COMMONReader.etlConnection.getConnection();

      // Retrieve roles and permissions from database
      roleNames = getRoleNamesForUser(conn, username);
      if (permissionsLookupEnabled) {
        permissions = getPermissions(conn, username, roleNames);
      }

    } catch (Exception e) {
      throw new AuthorizationException(
          "There was a SQL error while authorizing user [" + username + "]", e);
    } finally {
      COMMONReader.etlConnection.release(conn);
    }

    SimpleAuthorizationInfo info = new SimpleAuthorizationInfo(roleNames);
    info.setStringPermissions(permissions);
    return info;

  }


Best regards
Andreas

On Thu, 2019-01-24 at 21:00 -0700, Sunil kumar wrote:
org.apache.shiro.config.ConfigurationException: Property 'serverName' does
not exist for object of type
com.orientechnologies.orient.jdbc.OrientJdbcDriver.
at
org.apache.shiro.config.ReflectionBuilder.isTypedProperty(ReflectionBuilder.java:413)



This is the error I'm getting when I use this configuration.
I don't have a clear understanding of how to connect to orientdb using jdbc
realm



--
Sent from: 
http://shiro-user.582556.n2.nabble.com/



MJdbcRealm.java (10K) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: Is there a way to configure Shiro with orientDB??

Kanishka kumar
Hey Andreas ,
According to the document
The getSubject() call in a standalone application might return a Subject based on user data in an application-specific location


So in my application in which I am using postgres and hibernate.what getsubject will return

On Fri, 25 Jan 2019, 09:48 Andreas Reichel <[hidden email] wrote:
Hi Sunil.

You easily can build your own Custom JDBC Realm, taking care of the particular connection settings.
I found that much easier then to fidle with the generic JDBC realm.

For reference, see my own realm attached, you will need to implement at least the highlighted parts:

  /**
   * This implementation of the interface expects the principals collection to return a String
   * username keyed off of this realm's [hidden email] #getName() name}
   *
   * @see #getAuthorizationInfo(org.apache.shiro.subject.PrincipalCollection)
   */
  @Override
  protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {

    // null usernames are invalid
    if (principals == null) {
      throw new AuthorizationException("PrincipalCollection method argument cannot be null.");
    }

    String username = (String) getAvailablePrincipal(principals);

    Connection conn = null;
    Set<String> roleNames = null;
    Set<String> permissions = null;
    try {
      conn = COMMONReader.etlConnection.getConnection();

      // Retrieve roles and permissions from database
      roleNames = getRoleNamesForUser(conn, username);
      if (permissionsLookupEnabled) {
        permissions = getPermissions(conn, username, roleNames);
      }

    } catch (Exception e) {
      throw new AuthorizationException(
          "There was a SQL error while authorizing user [" + username + "]", e);
    } finally {
      COMMONReader.etlConnection.release(conn);
    }

    SimpleAuthorizationInfo info = new SimpleAuthorizationInfo(roleNames);
    info.setStringPermissions(permissions);
    return info;

  }


Best regards
Andreas

On Thu, 2019-01-24 at 21:00 -0700, Sunil kumar wrote:
org.apache.shiro.config.ConfigurationException: Property 'serverName' does
not exist for object of type
com.orientechnologies.orient.jdbc.OrientJdbcDriver.
at
org.apache.shiro.config.ReflectionBuilder.isTypedProperty(ReflectionBuilder.java:413)



This is the error I'm getting when I use this configuration.
I don't have a clear understanding of how to connect to orientdb using jdbc
realm



--
Sent from: 
http://shiro-user.582556.n2.nabble.com/


Reply | Threaded
Open this post in threaded view
|

Re: Is there a way to configure Shiro with orientDB??

Andreas Reichel

On Fri, 2019-01-25 at 09:50 +0530, Kanishka kumar wrote:
Hey Andreas ,
According to the document
The getSubject() call in a standalone application might return a Subject based on user data in an application-specific location

Hi Kanishka,

not sure if I understand your question right, but for me it looks like this:

// 1. Load the INI configuration with the Custom JDBC Realm
    Ini ini = new Ini();
    ini.load(ClassLoader.getSystemResourceAsStream("com/manticore/common/auth/shiro.ini"));
    Factory<SecurityManager> factory = new IniSecurityManagerFactory(ini);

    // 2. Create the SecurityManager
    SecurityManager securityManager = factory.getInstance();

    // 3. Make it accessible
    SecurityUtils.setSecurityManager(securityManager);

    // 4. Acquire submitted principals and credentials:
    UsernamePasswordToken token = new UsernamePasswordToken("VBox", "1508Reporting");

    //”Remember Me” built-in:
    token.setRememberMe(true);

    // 5. Get the current Subject:
    Subject currentUser = SecurityUtils.getSubject();

    logger.info("Try to log in");
    
    // 6. Login, throws an exception on failure
    currentUser.login(token);
    
// 7. at this point we have authenticated
    logger.info("Logged in");

Best regards
Andreas