jsf 2 - Shiro in Java EE 6 application -
i following balusc code manage user authentication in java ee 6 (http://balusc.blogspot.com/2013/01/apache-shiro-is-it-ready-for-java-ee-6.html) works great if stay on same web container.
i'm facing issue perhaps can me. when injecting ejb resides in web container, securityutils.getsubject()
works ok method of ejb.
the problem when try on injected ejb container (even ejb jar in same ear).
error is:use case is:caused by: org.apache.shiro.unavailablesecuritymanagerexception: no securitymanager accessible calling code, either bound org.apache.shiro.util.threadcontext or vm static singleton. invalid application configuration.
managed bean a
injected stateless session bean b
. class a
resides in myapp.war, class b
resides in myapp.ejb, both inside myapp.ear. calling securityutils
class b
.
do have clues on how solve this?
i running jsf 2, java ee 6, jboss 7.1.
well, shiro bind securitymanager
threadlocal
via shirofilter
. @ dofilterinternal
method. subject
bind threadcontext
only inside subject.execute
method, means securityutils.getsubject()
return null each time called outside subject.execute, means outside shirofilter, means outside request thread , problem think.
abstractshirofilter.java
protected void dofilterinternal(servletrequest servletrequest, servletresponse servletresponse, final filterchain chain) throws servletexception, ioexception { ... final subject subject = createsubject(request, response); //noinspection unchecked subject.execute(new callable() { public object call() throws exception { updatesessionlastaccesstime(request, response); executechain(request, response, chain); return null; } }); ... }
well, said inject stateless b
whats di framework? shiro can integrate guice , spring quite easily.
Comments
Post a Comment