1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19 package org.apache.shiro.samples.guice;
20
21 import com.google.inject.Provides;
22 import com.google.inject.binder.AnnotatedBindingBuilder;
23 import com.google.inject.name.Names;
24 import org.apache.shiro.codec.Base64;
25 import org.apache.shiro.config.ConfigurationException;
26 import org.apache.shiro.config.Ini;
27 import org.apache.shiro.guice.web.ShiroWebModule;
28 import org.apache.shiro.realm.text.IniRealm;
29 import org.apache.shiro.web.mgt.CookieRememberMeManager;
30 import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
31 import org.apache.shiro.web.mgt.WebSecurityManager;
32
33 import javax.inject.Singleton;
34 import javax.servlet.ServletContext;
35 import java.net.MalformedURLException;
36 import java.net.URL;
37
38 public class SampleShiroServletModule extends ShiroWebModule {
39 private final ServletContext servletContext;
40
41 public SampleShiroServletModule(ServletContext servletContext) {
42 super(servletContext);
43
44 this.servletContext = servletContext;
45 }
46
47 @Override
48 protected void configureShiroWeb() {
49 bindConstant().annotatedWith(Names.named("shiro.loginUrl")).to("/login.jsp");
50 try {
51 this.bindRealm().toConstructor(IniRealm.class.getConstructor(Ini.class));
52 } catch (NoSuchMethodException e) {
53 addError("Could not locate proper constructor for IniRealm.", e);
54 }
55
56 this.addFilterChain("/login.jsp", AUTHC);
57 this.addFilterChain("/logout", LOGOUT);
58 this.addFilterChain("/account/**", AUTHC);
59
60 this.addFilterChain("/remoting/**", AUTHC, config(ROLES, "b2bClient"), config(PERMS, "remote:invoke:lan,wan"));
61 }
62
63 @Provides
64 @Singleton
65 Ini loadShiroIni() throws MalformedURLException {
66 URL iniUrl = servletContext.getResource("/WEB-INF/shiro.ini");
67 return Ini.fromResourcePath("url:" + iniUrl.toExternalForm());
68 }
69
70 @Override
71 protected void bindWebSecurityManager(AnnotatedBindingBuilder<? super WebSecurityManager> bind)
72 {
73 try
74 {
75 String cipherKey = loadShiroIni().getSectionProperty( "main", "securityManager.rememberMeManager.cipherKey" );
76
77 DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
78 CookieRememberMeManager rememberMeManager = new CookieRememberMeManager();
79 rememberMeManager.setCipherKey( Base64.decode( cipherKey ) );
80 securityManager.setRememberMeManager(rememberMeManager);
81 bind.toInstance(securityManager);
82 }
83 catch ( MalformedURLException e )
84 {
85
86
87 throw new ConfigurationException( "securityManager.rememberMeManager.cipherKey must be set in shiro.ini." );
88 }
89
90
91 }
92 }