use of org.apache.shiro.web.env.EnvironmentLoaderListener in project zeppelin by apache.
the class ZeppelinServer method setupRestApiContextHandler.
private static void setupRestApiContextHandler(WebAppContext webapp, ZeppelinConfiguration conf) {
final ServletHolder servletHolder = new ServletHolder(new org.glassfish.jersey.servlet.ServletContainer());
servletHolder.setInitParameter("javax.ws.rs.Application", ZeppelinServer.class.getName());
servletHolder.setName("rest");
servletHolder.setForcedPath("rest");
webapp.setSessionHandler(new SessionHandler());
webapp.addServlet(servletHolder, "/api/*");
String shiroIniPath = conf.getShiroPath();
if (!StringUtils.isBlank(shiroIniPath)) {
webapp.setInitParameter("shiroConfigLocations", new File(shiroIniPath).toURI().toString());
webapp.addFilter(ShiroFilter.class, "/api/*", EnumSet.allOf(DispatcherType.class)).setInitParameter("staticSecurityManagerEnabled", "true");
webapp.addEventListener(new EnvironmentLoaderListener());
}
}
use of org.apache.shiro.web.env.EnvironmentLoaderListener in project SSM by Intel-bigdata.
the class SmartZeppelinServer method setupRestApiContextHandler.
private void setupRestApiContextHandler(WebAppContext webApp) throws Exception {
webApp.setSessionHandler(new SessionHandler());
// There are two sets of rest api: Zeppelin's and SSM's. They have different path.
ResourceConfig smartConfig = new ApplicationAdapter(new SmartRestApp());
ServletHolder smartServletHolder = new ServletHolder(new ServletContainer(smartConfig));
webApp.addServlet(smartServletHolder, SMART_PATH_SPEC);
ResourceConfig zeppelinConfig = new ApplicationAdapter(new ZeppelinRestApp());
ServletHolder zeppelinServletHolder = new ServletHolder(new ServletContainer(zeppelinConfig));
webApp.addServlet(zeppelinServletHolder, ZEPPELIN_PATH_SPEC);
String shiroIniPath = zconf.getShiroPath();
if (!StringUtils.isBlank(shiroIniPath)) {
webApp.setInitParameter("shiroConfigLocations", new File(shiroIniPath).toURI().toString());
SecurityUtils.initSecurityManager(shiroIniPath);
webApp.addFilter(ShiroFilter.class, ZEPPELIN_PATH_SPEC, EnumSet.allOf(DispatcherType.class));
// To make shiro configuration (authentication, etc.) take effect for smart rest api as well.
webApp.addFilter(ShiroFilter.class, SMART_PATH_SPEC, EnumSet.allOf(DispatcherType.class));
webApp.addEventListener(new EnvironmentLoaderListener());
}
}
use of org.apache.shiro.web.env.EnvironmentLoaderListener in project ANNIS by korpling.
the class AnnisServiceRunner method createWebServer.
private void createWebServer() {
// create beans
ctx = new GenericXmlApplicationContext();
ctx.setValidating(false);
AnnisXmlContextHelper.prepareContext(ctx);
ctx.load("file:" + Utils.getAnnisFile("conf/spring/Service.xml").getAbsolutePath());
ctx.refresh();
ResourceConfig rc = new PackagesResourceConfig("annis.service.internal", "annis.provider", "annis.rest.provider");
final IoCComponentProviderFactory factory = new SpringComponentProviderFactory(rc, ctx);
int port = overridePort == null ? ctx.getBean(QueryServiceImpl.class).getPort() : overridePort;
try {
// only allow connections from localhost
// if the administrator wants to allow external acccess he *has* to
// use a HTTP proxy which also should use SSL encryption
InetSocketAddress addr = new InetSocketAddress("localhost", port);
server = new Server(addr);
ServletContextHandler context = new ServletContextHandler(ServletContextHandler.NO_SESSIONS);
context.setContextPath("/");
server.setHandler(context);
server.setThreadPool(new ExecutorThreadPool());
ServletContainer jerseyContainer = new ServletContainer(rc) {
@Override
protected void initiate(ResourceConfig rc, WebApplication wa) {
wa.initiate(rc, factory);
}
};
ServletHolder holder = new ServletHolder(jerseyContainer);
context.addServlet(holder, "/*");
context.setInitParameter(EnvironmentLoader.ENVIRONMENT_CLASS_PARAM, MultipleIniWebEnvironment.class.getName());
if (useAuthentification) {
log.info("Using authentification");
context.setInitParameter(EnvironmentLoader.CONFIG_LOCATIONS_PARAM, "file:" + System.getProperty("annis.home") + "/conf/shiro.ini," + "file:" + System.getProperty("annis.home") + "/conf/develop_shiro.ini");
} else {
log.warn("*NOT* using authentification, your ANNIS service *IS NOT SECURED*");
context.setInitParameter(EnvironmentLoader.CONFIG_LOCATIONS_PARAM, "file:" + System.getProperty("annis.home") + "/conf/shiro_no_security.ini");
}
EnumSet<DispatcherType> gzipDispatcher = EnumSet.of(DispatcherType.REQUEST);
context.addFilter(GzipFilter.class, "/*", gzipDispatcher);
// configure Apache Shiro with the web application
context.addEventListener(new EnvironmentLoaderListener());
EnumSet<DispatcherType> shiroDispatchers = EnumSet.of(DispatcherType.REQUEST, DispatcherType.FORWARD, DispatcherType.INCLUDE, DispatcherType.ERROR);
context.addFilter(ShiroFilter.class, "/*", shiroDispatchers);
} catch (IllegalArgumentException ex) {
log.error("IllegalArgumentException at ANNIS service startup", ex);
isShutdownRequested = true;
errorCode = 101;
} catch (NullPointerException ex) {
log.error("NullPointerException at ANNIS service startup", ex);
isShutdownRequested = true;
errorCode = 101;
} catch (AnnisRunnerException ex) {
errorCode = ex.getExitCode();
}
}
use of org.apache.shiro.web.env.EnvironmentLoaderListener in project jena by apache.
the class ExFusekiMain_2_AddShiro method addShiroFilter.
// From Barry Nouwt : https://lists.apache.org/thread.html/r1e3fa952ff9f4a9108e16f07f1edf78c67e08c9b081497c627e3b833%40%3Cusers.jena.apache.org%3E
public static void addShiroFilter(FusekiServer fusekiServer) {
Server jettyServer = fusekiServer.getJettyServer();
ServletContextHandler servletContextHandler = (ServletContextHandler) jettyServer.getHandler();
ServletHandler servletHandler = servletContextHandler.getServletHandler();
// for shiro
EnvironmentLoaderListener ell = new EnvironmentLoaderListener();
servletContextHandler.addEventListener(ell);
// Copies
List<FilterMapping> mappings = new ArrayList<FilterMapping>(Arrays.asList(servletHandler.getFilterMappings()));
List<FilterHolder> holders = new ArrayList<FilterHolder>(Arrays.asList(servletHandler.getFilters()));
{
// add Shiro Filter and mapping
FilterHolder holder1 = new FilterHolder();
holder1.setFilter(new ShiroFilter());
FilterMapping mapping1 = new FilterMapping();
mapping1.setFilterName(holder1.getName());
mapping1.setPathSpec("/*");
mapping1.setDispatcherTypes(EnumSet.allOf(DispatcherType.class));
mappings.add(0, mapping1);
holders.add(0, holder1);
}
FilterMapping[] mappings3 = new FilterMapping[mappings.size()];
mappings3 = mappings.toArray(mappings3);
FilterHolder[] holders3 = new FilterHolder[holders.size()];
holders3 = holders.toArray(holders3);
servletHandler.setFilters(holders3);
servletHandler.setFilterMappings(mappings3);
// Specify the Session ID Manager
SessionIdManager idmanager = new DefaultSessionIdManager(jettyServer);
jettyServer.setSessionIdManager(idmanager);
// Specify the session handler
SessionHandler sessionsHandler = new SessionHandler();
sessionsHandler.setUsingCookies(false);
servletHandler.setHandler(sessionsHandler);
}
use of org.apache.shiro.web.env.EnvironmentLoaderListener in project qi4j-sdk by Qi4j.
the class WebServletShiroTest method test.
@Test
public void test() throws Exception {
int port = FreePortFinder.findFreePortOnLoopback(9001);
Server server = new Server(port);
try {
ServletContextHandler context = new ServletContextHandler();
context.setContextPath("/");
context.setInitParameter("shiroConfigLocations", "classpath:web-shiro.ini");
context.addEventListener(new EnvironmentLoaderListener());
context.addFilter(ShiroFilter.class, "/*", EnumSet.of(REQUEST, FORWARD, INCLUDE, ERROR));
server.setHandler(context);
server.start();
// HttpClient client = new DefaultHttpClient();
// String result = client.execute( new HttpGet( "http://127.0.0.1:" + port + "/" ), new BasicResponseHandler() );
} finally {
server.stop();
}
}
Aggregations