Binding Security Manager to the thread context and Shiro

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Binding Security Manager to the thread context and Shiro

Craig Donovan
Hey all -

We're using the routing plugin to import data, and need to log in a user to do the inserts.  We are trying to sign in via Shiro, but we are getting an error because there is no SecurityManager attached to the Thread Context.  Has anyone had experience in resolving this?

Thanks

Reply | Threaded
Open this post in threaded view
|

Re: Binding Security Manager to the thread context and Shiro

Les Hazlewood-2
A quick fix is to call
SecurityUtils.setSecurityManager(shiroSecurityManager) at system
startup. Be aware though, this sets a VM-static singleton (i.e. one
instance for the entire VM).  Because most of us feel VM statics can
be 'evil', the alternative is much better, albeit a little more
complicated:

A 'cleaner' approach is to use the Subject.Builder to create a subject
instance based on some seed data (e.g. session ID) and bind/unbind it
before/after the thread's execution.  This is covered in the Subject
documentation here: http://shiro.apache.org/subject.html
(specifically, the "Custom Subject Instances") section.

Typically a subject is automatically created, bound and unbound for a
thread by the ShiroFilter when servicing a web request.  If your logic
is NOT triggered by a web request (e.g. via a startup or daemon
thread, or different thread (e.g. ExecutorService or thread pool)),
then you'll need to do the create/bind/unbind logic yourself.  See the
Subject page for more information.

HTH!

--
Les Hazlewood
Founder, Katasoft, Inc.
Application Security Products & Professional Apache Shiro Support and
Consulting:
http://www.katasoft.com

On Fri, Jan 14, 2011 at 8:00 AM, Craig Donovan <[hidden email]> wrote:
> Hey all -
>
> We're using the routing plugin to import data, and need to log in a user to
> do the inserts.  We are trying to sign in via Shiro, but we are getting an
> error because there is no SecurityManager attached to the Thread Context.
> Has anyone had experience in resolving this?
>
> Thanks

---------------------------------------------------------------------
To unsubscribe from this list, please visit:

    http://xircles.codehaus.org/manage_email