Java – how to configure Shiro realm to connect to Oracle database in struts 2 Application

Java

I have been working with Shiro (Ki, jsecurity) for several days and have been able to create a test application I'm using struts 2 to close JBoss I have been able to create a Shiro INI file with some hard coded users, I've got this job It seems that the API in Java is very easy to master, so integrating Shiro into my application and making it functional is not a real problem My real problem is that I can't find any form of documentation on how to use this setting to create / bind real to Oracle database I found a few examples and tried aimlessly to adapt them to my situation But I couldn't

I have an Oracle database with users table, which only contains user name, password and role If I can establish a connection, it seems to be just right for my current login / logout application

I'm on the web The following lines have been added to the XML

<filter>
    <filter-name>ShiroFilter</filter-name>
    <filter-class>org.apache.shiro.web.servlet.ShiroFilter</filter-class>
</filter>
        <filter-mapping>
    <filter-name>ShiroFilter</filter-name>
    <url-pattern>/*</url-pattern>
    <dispatcher>REQUEST</dispatcher> 
    <dispatcher>FORWARD</dispatcher> 
    <dispatcher>INCLUDE</dispatcher> 
    <dispatcher>ERROR</dispatcher>
</filter-mapping>
<listener>
    <listener-class>org.apache.shiro.web.env.EnvironmentLoaderListener</listener-class>
</listener>

Then I will Shiro Ini to my WEB-INF:

[main]

[users]
bruins = boston,admin,super,worker
rangers = newyork,worker
leafs = toronto,worker

[urls]
/authoring/logout = logout
/authoring/** = authc

After that, it's just from my loginaction Java code is invoked in Java:

Factory<SecurityManager> factory = new IniSecurityManagerFactory("classpath:shiro.ini");
SecurityManager securityManager = factory.getInstance();   
SecurityUtils.setSecurityManager(securityManager);   
Subject currentUser = SecurityUtils.getSubject();   
UsernamePasswordToken token = new UsernamePasswordToken(this.username,this.password);
try {   
    currentUser.login(token);   
    Session session = currentUser.getSession();   
    session.setAttribute("user",this.username);   
} catch (UnkNownAccountException uae) {   
  ... 
} catch (IncorrectCredentialsException iae) {   
 ...
} catch (LockedAccountException lae) {   
 ... 
} catch (AuthenticationException ae) {   
  ...         
} catch (Exception e) {   
 ...
}   
ActionMessages messages = new ActionMessages();
if (currentUser.isAuthenticated()) {   
    System.out.println("user is authenticated!!!!!");

    if (currentUser.hasRole("admin")){
        System.out.println(this.username + " can access admin functions");
    }
    if(currentUser.hasRole("super")){
        System.out.println(this.username + " can access supervisor functions");
    }
    if(currentUser.hasRole("worker")){
        System.out.println(this.username + " can only perform worker functions");
    }
    addActionMessage(getText("success.valid.user",this.username));
    return SUCCESS;
} else {   
    System.out.println("user was not authenticated!!!!!!");
    addActionError(getText("error.login"));
    return ERROR;
}

In summary, I let the application work with hard coded users: my question is, what is the best way to set up real to connect to my Oracle database? I have seen it online in several different ways, and I can't use any of them for my settings. I hope to achieve this, and I can continue to be familiar with the API

Thank you John

Solution

You can use Shiro's jdbcrealm and Shiro Ini, for example, with bonecp:

[main]
ds = com.jol@R_454_2419@.bonecp.BoneCPDataSource
ds.driverClass = oracle.jdbc.driver.OracleDriver
ds.jdbcUrl = dbc:oracle:thin:@localhost:1521:myschema
ds.username = scott
ds.password = tiger
# other BoneCP connection pool settings as desired

jdbcRealm = org.apache.shiro.realm.jdbc.JdbcRealm
jdbcRealm.dataSource = $ds
# you can customize the authenticationQuery,userRolesQuery and permissionsQuery
# if needed.

securityManager.realms = $jdbcRealm

We use bonecp in production and are very satisfied

You can check the jdbcrealm's source code to see how it works You can customize the query to match the database schema

In addition, if the default setting / query does not work, you can certainly subclass jdbcrealm to custom Customize the here's an example of jdbcrealm (if you want to do this, it also uses JNDI to find the data source instead of configuring the data source in shiro.ini)

The content of this article comes from the network collection of netizens. It is used as a learning reference. The copyright belongs to the original author.
THE END
分享
二维码
< <上一篇
下一篇>>