ShiroEE is a simple java extension to make Apache Shiro more CDI aware and simplify the configuration processes without the use of .ini files.
This library also provide a ready to use implementation of authentication realm for simultaneously use of database and LDAP/AD mechanics.
Download one of the releases under the release page or just put it as da dependency in your maven project:
<dependency>
<groupId>br.eti.arthurgregorio</groupId>
<artifactId>shiro-ee</artifactId>
<version>${shiroee.version}</version>
</dependency>
ShiroEE has a ready to use configuration, basically you need to create the properties file with the basic configurations, tell wich type of authentication you want to use and wich path you want to protect with permissions or roles authorization.
These three process are described below.
First of all, you need to provide the basic configuration to the framework creating a file named shiroee.properties in your resources folder, at least the obligatory parameters need to be set.
ldap.enabled=false # use true if you want to enable LDAP
url.login=/index.xhtml
url.login_success=/secured/dashboard.xhtml
url.unauthorized=/error/401.xhtml
A list of the predefined values already shipped with the framework can be seen here.
To configure the authentication process you need to create a class to tell ShiroEE wich realm they need to activate in your application. To do that, see this sample class.
To configure the URL authorization of you project you just need to implement the HttpSecurityConfiguration
class and with the builder class (HttpSecurityBuilder
) provided by the project configure wich path's you need to protect. A sample of this process can be found here.
The authentication control and the session control are the parts managed by the Shiro Framework but you need to implement some classes to access this features without compromissing the coupling of your project. To help with that, the Library project also have samples of this mechanics too, they can be found here and here.
If you want a full project where ShiroEE is configured with authentication through LDAP and Database, you can check the Library project made by me to provide a full base architecture for JEE applications.