Search in sources :

Example 1 with EnvironmentLoaderListener

use of org.apache.shiro.web.env.EnvironmentLoaderListener in project zeppelin by apache.

the class ZeppelinServer method setupRestApiContextHandler.

private static void setupRestApiContextHandler(WebAppContext webapp, ZeppelinConfiguration conf) {
    final ServletHolder servletHolder = new ServletHolder(new org.glassfish.jersey.servlet.ServletContainer());
    servletHolder.setInitParameter("javax.ws.rs.Application", ZeppelinServer.class.getName());
    servletHolder.setName("rest");
    servletHolder.setForcedPath("rest");
    webapp.setSessionHandler(new SessionHandler());
    webapp.addServlet(servletHolder, "/api/*");
    String shiroIniPath = conf.getShiroPath();
    if (!StringUtils.isBlank(shiroIniPath)) {
        webapp.setInitParameter("shiroConfigLocations", new File(shiroIniPath).toURI().toString());
        webapp.addFilter(ShiroFilter.class, "/api/*", EnumSet.allOf(DispatcherType.class)).setInitParameter("staticSecurityManagerEnabled", "true");
        webapp.addEventListener(new EnvironmentLoaderListener());
    }
}
Also used : SessionHandler(org.eclipse.jetty.server.session.SessionHandler) EnvironmentLoaderListener(org.apache.shiro.web.env.EnvironmentLoaderListener) ServletHolder(org.eclipse.jetty.servlet.ServletHolder) File(java.io.File) ShiroFilter(org.apache.shiro.web.servlet.ShiroFilter)

Example 2 with EnvironmentLoaderListener

use of org.apache.shiro.web.env.EnvironmentLoaderListener in project SSM by Intel-bigdata.

the class SmartZeppelinServer method setupRestApiContextHandler.

private void setupRestApiContextHandler(WebAppContext webApp) throws Exception {
    webApp.setSessionHandler(new SessionHandler());
    // There are two sets of rest api: Zeppelin's and SSM's. They have different path.
    ResourceConfig smartConfig = new ApplicationAdapter(new SmartRestApp());
    ServletHolder smartServletHolder = new ServletHolder(new ServletContainer(smartConfig));
    webApp.addServlet(smartServletHolder, SMART_PATH_SPEC);
    ResourceConfig zeppelinConfig = new ApplicationAdapter(new ZeppelinRestApp());
    ServletHolder zeppelinServletHolder = new ServletHolder(new ServletContainer(zeppelinConfig));
    webApp.addServlet(zeppelinServletHolder, ZEPPELIN_PATH_SPEC);
    String shiroIniPath = zconf.getShiroPath();
    if (!StringUtils.isBlank(shiroIniPath)) {
        webApp.setInitParameter("shiroConfigLocations", new File(shiroIniPath).toURI().toString());
        SecurityUtils.initSecurityManager(shiroIniPath);
        webApp.addFilter(ShiroFilter.class, ZEPPELIN_PATH_SPEC, EnumSet.allOf(DispatcherType.class));
        // To make shiro configuration (authentication, etc.) take effect for smart rest api as well.
        webApp.addFilter(ShiroFilter.class, SMART_PATH_SPEC, EnumSet.allOf(DispatcherType.class));
        webApp.addEventListener(new EnvironmentLoaderListener());
    }
}
Also used : SessionHandler(org.eclipse.jetty.server.session.SessionHandler) EnvironmentLoaderListener(org.apache.shiro.web.env.EnvironmentLoaderListener) ServletHolder(org.eclipse.jetty.servlet.ServletHolder) ServletContainer(com.sun.jersey.spi.container.servlet.ServletContainer) ResourceConfig(com.sun.jersey.api.core.ResourceConfig) ApplicationAdapter(com.sun.jersey.api.core.ApplicationAdapter) DispatcherType(javax.servlet.DispatcherType) File(java.io.File)

Example 3 with EnvironmentLoaderListener

use of org.apache.shiro.web.env.EnvironmentLoaderListener in project ANNIS by korpling.

the class AnnisServiceRunner method createWebServer.

private void createWebServer() {
    // create beans
    ctx = new GenericXmlApplicationContext();
    ctx.setValidating(false);
    AnnisXmlContextHelper.prepareContext(ctx);
    ctx.load("file:" + Utils.getAnnisFile("conf/spring/Service.xml").getAbsolutePath());
    ctx.refresh();
    ResourceConfig rc = new PackagesResourceConfig("annis.service.internal", "annis.provider", "annis.rest.provider");
    final IoCComponentProviderFactory factory = new SpringComponentProviderFactory(rc, ctx);
    int port = overridePort == null ? ctx.getBean(QueryServiceImpl.class).getPort() : overridePort;
    try {
        // only allow connections from localhost
        // if the administrator wants to allow external acccess he *has* to
        // use a HTTP proxy which also should use SSL encryption
        InetSocketAddress addr = new InetSocketAddress("localhost", port);
        server = new Server(addr);
        ServletContextHandler context = new ServletContextHandler(ServletContextHandler.NO_SESSIONS);
        context.setContextPath("/");
        server.setHandler(context);
        server.setThreadPool(new ExecutorThreadPool());
        ServletContainer jerseyContainer = new ServletContainer(rc) {

            @Override
            protected void initiate(ResourceConfig rc, WebApplication wa) {
                wa.initiate(rc, factory);
            }
        };
        ServletHolder holder = new ServletHolder(jerseyContainer);
        context.addServlet(holder, "/*");
        context.setInitParameter(EnvironmentLoader.ENVIRONMENT_CLASS_PARAM, MultipleIniWebEnvironment.class.getName());
        if (useAuthentification) {
            log.info("Using authentification");
            context.setInitParameter(EnvironmentLoader.CONFIG_LOCATIONS_PARAM, "file:" + System.getProperty("annis.home") + "/conf/shiro.ini," + "file:" + System.getProperty("annis.home") + "/conf/develop_shiro.ini");
        } else {
            log.warn("*NOT* using authentification, your ANNIS service *IS NOT SECURED*");
            context.setInitParameter(EnvironmentLoader.CONFIG_LOCATIONS_PARAM, "file:" + System.getProperty("annis.home") + "/conf/shiro_no_security.ini");
        }
        EnumSet<DispatcherType> gzipDispatcher = EnumSet.of(DispatcherType.REQUEST);
        context.addFilter(GzipFilter.class, "/*", gzipDispatcher);
        // configure Apache Shiro with the web application
        context.addEventListener(new EnvironmentLoaderListener());
        EnumSet<DispatcherType> shiroDispatchers = EnumSet.of(DispatcherType.REQUEST, DispatcherType.FORWARD, DispatcherType.INCLUDE, DispatcherType.ERROR);
        context.addFilter(ShiroFilter.class, "/*", shiroDispatchers);
    } catch (IllegalArgumentException ex) {
        log.error("IllegalArgumentException at ANNIS service startup", ex);
        isShutdownRequested = true;
        errorCode = 101;
    } catch (NullPointerException ex) {
        log.error("NullPointerException at ANNIS service startup", ex);
        isShutdownRequested = true;
        errorCode = 101;
    } catch (AnnisRunnerException ex) {
        errorCode = ex.getExitCode();
    }
}
Also used : EnvironmentLoaderListener(org.apache.shiro.web.env.EnvironmentLoaderListener) Server(org.eclipse.jetty.server.Server) MultipleIniWebEnvironment(annis.security.MultipleIniWebEnvironment) SpringComponentProviderFactory(com.sun.jersey.spi.spring.container.SpringComponentProviderFactory) InetSocketAddress(java.net.InetSocketAddress) ServletHolder(org.eclipse.jetty.servlet.ServletHolder) GenericXmlApplicationContext(org.springframework.context.support.GenericXmlApplicationContext) PackagesResourceConfig(com.sun.jersey.api.core.PackagesResourceConfig) IoCComponentProviderFactory(com.sun.jersey.core.spi.component.ioc.IoCComponentProviderFactory) AnnisRunnerException(annis.AnnisRunnerException) ServletContainer(com.sun.jersey.spi.container.servlet.ServletContainer) ExecutorThreadPool(org.eclipse.jetty.util.thread.ExecutorThreadPool) PackagesResourceConfig(com.sun.jersey.api.core.PackagesResourceConfig) ResourceConfig(com.sun.jersey.api.core.ResourceConfig) ServletContextHandler(org.eclipse.jetty.servlet.ServletContextHandler) WebApplication(com.sun.jersey.spi.container.WebApplication) DispatcherType(javax.servlet.DispatcherType)

Example 4 with EnvironmentLoaderListener

use of org.apache.shiro.web.env.EnvironmentLoaderListener in project jena by apache.

the class ExFusekiMain_2_AddShiro method addShiroFilter.

// From Barry Nouwt : https://lists.apache.org/thread.html/r1e3fa952ff9f4a9108e16f07f1edf78c67e08c9b081497c627e3b833%40%3Cusers.jena.apache.org%3E
public static void addShiroFilter(FusekiServer fusekiServer) {
    Server jettyServer = fusekiServer.getJettyServer();
    ServletContextHandler servletContextHandler = (ServletContextHandler) jettyServer.getHandler();
    ServletHandler servletHandler = servletContextHandler.getServletHandler();
    // for shiro
    EnvironmentLoaderListener ell = new EnvironmentLoaderListener();
    servletContextHandler.addEventListener(ell);
    // Copies
    List<FilterMapping> mappings = new ArrayList<FilterMapping>(Arrays.asList(servletHandler.getFilterMappings()));
    List<FilterHolder> holders = new ArrayList<FilterHolder>(Arrays.asList(servletHandler.getFilters()));
    {
        // add Shiro Filter and mapping
        FilterHolder holder1 = new FilterHolder();
        holder1.setFilter(new ShiroFilter());
        FilterMapping mapping1 = new FilterMapping();
        mapping1.setFilterName(holder1.getName());
        mapping1.setPathSpec("/*");
        mapping1.setDispatcherTypes(EnumSet.allOf(DispatcherType.class));
        mappings.add(0, mapping1);
        holders.add(0, holder1);
    }
    FilterMapping[] mappings3 = new FilterMapping[mappings.size()];
    mappings3 = mappings.toArray(mappings3);
    FilterHolder[] holders3 = new FilterHolder[holders.size()];
    holders3 = holders.toArray(holders3);
    servletHandler.setFilters(holders3);
    servletHandler.setFilterMappings(mappings3);
    // Specify the Session ID Manager
    SessionIdManager idmanager = new DefaultSessionIdManager(jettyServer);
    jettyServer.setSessionIdManager(idmanager);
    // Specify the session handler
    SessionHandler sessionsHandler = new SessionHandler();
    sessionsHandler.setUsingCookies(false);
    servletHandler.setHandler(sessionsHandler);
}
Also used : SessionHandler(org.eclipse.jetty.server.session.SessionHandler) ServletHandler(org.eclipse.jetty.servlet.ServletHandler) EnvironmentLoaderListener(org.apache.shiro.web.env.EnvironmentLoaderListener) DefaultSessionIdManager(org.eclipse.jetty.server.session.DefaultSessionIdManager) FilterHolder(org.eclipse.jetty.servlet.FilterHolder) FusekiServer(org.apache.jena.fuseki.main.FusekiServer) Server(org.eclipse.jetty.server.Server) ArrayList(java.util.ArrayList) FilterMapping(org.eclipse.jetty.servlet.FilterMapping) SessionIdManager(org.eclipse.jetty.server.SessionIdManager) DefaultSessionIdManager(org.eclipse.jetty.server.session.DefaultSessionIdManager) ServletContextHandler(org.eclipse.jetty.servlet.ServletContextHandler) ShiroFilter(org.apache.shiro.web.servlet.ShiroFilter)

Example 5 with EnvironmentLoaderListener

use of org.apache.shiro.web.env.EnvironmentLoaderListener in project qi4j-sdk by Qi4j.

the class WebServletShiroTest method test.

@Test
public void test() throws Exception {
    int port = FreePortFinder.findFreePortOnLoopback(9001);
    Server server = new Server(port);
    try {
        ServletContextHandler context = new ServletContextHandler();
        context.setContextPath("/");
        context.setInitParameter("shiroConfigLocations", "classpath:web-shiro.ini");
        context.addEventListener(new EnvironmentLoaderListener());
        context.addFilter(ShiroFilter.class, "/*", EnumSet.of(REQUEST, FORWARD, INCLUDE, ERROR));
        server.setHandler(context);
        server.start();
    // HttpClient client = new DefaultHttpClient();
    // String result = client.execute( new HttpGet( "http://127.0.0.1:" + port + "/" ), new BasicResponseHandler() );
    } finally {
        server.stop();
    }
}
Also used : EnvironmentLoaderListener(org.apache.shiro.web.env.EnvironmentLoaderListener) Server(org.eclipse.jetty.server.Server) ServletContextHandler(org.eclipse.jetty.servlet.ServletContextHandler) Test(org.junit.Test)

Aggregations

EnvironmentLoaderListener (org.apache.shiro.web.env.EnvironmentLoaderListener)5 Server (org.eclipse.jetty.server.Server)3 SessionHandler (org.eclipse.jetty.server.session.SessionHandler)3 ServletContextHandler (org.eclipse.jetty.servlet.ServletContextHandler)3 ServletHolder (org.eclipse.jetty.servlet.ServletHolder)3 ResourceConfig (com.sun.jersey.api.core.ResourceConfig)2 ServletContainer (com.sun.jersey.spi.container.servlet.ServletContainer)2 File (java.io.File)2 DispatcherType (javax.servlet.DispatcherType)2 ShiroFilter (org.apache.shiro.web.servlet.ShiroFilter)2 AnnisRunnerException (annis.AnnisRunnerException)1 MultipleIniWebEnvironment (annis.security.MultipleIniWebEnvironment)1 ApplicationAdapter (com.sun.jersey.api.core.ApplicationAdapter)1 PackagesResourceConfig (com.sun.jersey.api.core.PackagesResourceConfig)1 IoCComponentProviderFactory (com.sun.jersey.core.spi.component.ioc.IoCComponentProviderFactory)1 WebApplication (com.sun.jersey.spi.container.WebApplication)1 SpringComponentProviderFactory (com.sun.jersey.spi.spring.container.SpringComponentProviderFactory)1 InetSocketAddress (java.net.InetSocketAddress)1 ArrayList (java.util.ArrayList)1 FusekiServer (org.apache.jena.fuseki.main.FusekiServer)1