16

How do you use a JDBCRealm to handle authenticating and authorizing users in servlets? The only example I can find is to create the DataSource in web.xml (such as Authentication against database using shiro 1.2.1).

I do not want to include database credentials in my source tree (for obvious reasons) and would prefer to use a Context defined DataSource via JNDI as I have for every other RDBMS I have used for any other purpose in every other servlet project I have developed.

How do you configure a Shiro JDBCRealm to obtain its DataSource from JNDI?

4

4 回答 4

22

Vrushank 的回答非常接近:您不需要在这里继承 JdbcRealm - 您可以使用 Shiro 的JndiObjectFactory获取 DataSource,然后在配置 JdbcRealm 时引用该 DataSource:

[main]
dataSource = org.apache.shiro.jndi.JndiObjectFactory
dataSource.resourceName = java://app/jdbc/myDataSource

jdbcRealm = org.apache.shiro.realm.jdbc.JdbcRealm
jdbcRealm.dataSource = $dataSource
#addt'l config

对于 Web 应用程序,将文件保存在WEB-INF/shiro.ini.

也可以看看

于 2013-07-03T15:48:18.747 回答
3

为了让 Shiro 使用 JDBC 领域的权限,这个参数是必不可少的:

jdbcRealm.permissionsLookupEnabled = true 

我为此浪费了很多时间,因为此选项的默认值为 false。换句话说,如果你不放这个选项 Shiro 总是返回一个空的权限列表。

于 2014-06-13T17:19:06.813 回答
2

我评论了@Les Hazlewood 答案和@Recurse 评论,但可能是新答案是更好的选择。

就我而言,我必须在 weblogic 上仅使用 JDNI 数据源名称,在 tomcat 上使用完整路径:

雄猫:

 ds = org.apache.shiro.jndi.JndiObjectFactory   
 ds.requiredType = javax.sql.DataSource  
 ds.resourceName = java:/comp/env/oracle/pportal_dev

 # JDBC realm config  
 jdbcRealm = org.apache.shiro.realm.jdbc.JdbcRealm  
 jdbcRealm.permissionsLookupEnabled = true 
 jdbcRealm = org.apache.shiro.realm.jdbc.JdbcRealm
 jdbcRealm.dataSource = $ds

网络逻辑

 ds = org.apache.shiro.jndi.JndiObjectFactory   
 ds.requiredType = javax.sql.DataSource   
 ds.resourceName = oracle/pportal_dev

 # JDBC realm config  
 jdbcRealm = org.apache.shiro.realm.jdbc.JdbcRealm  
 jdbcRealm.permissionsLookupEnabled = true 
 jdbcRealm.dataSource = $ds

笔记

ds.resourceName = java:/comp/env/oracle/pportal_dev 
vs
ds.resourceName = oracle/pportal_dev
于 2014-05-21T13:29:40.057 回答
-3

You'll need to create a custom Realm of your own by extending JdbcRealm to programatically lookup the datasource through the provided JNDI.

You can then pass the JNDI as a property in shiro.ini

[main]
# realms to be used
customSecurityRealm=package.to.your.CustomRealm
customSecurityRealm.jndiDataSourceName=java:app/jdbc/myDatasource

See the below article as an example. It takes care of both Authentication and Authorization.

Apache Shiro JDBC Realm

于 2013-07-03T06:44:58.693 回答