Apache Shiro Basic 2

This is Stuff” blog explains the Shiro in very detail way.

I can use default filter (authc – in this case), but I can create a custom filter by extending the existing default filters. So no need to update web.xml rather shiro.ini file need to be updated.

 public class VerboseFormAuthFilter extends FormAuthenticationFilter
 {
    protected void setFailureAttribute( ServletRequest request, AuthenticationException ae)
    {
      String message = ae.getMessage();
      request.setAttribute(getFailureKeyAttribute(), message);
    }
 }

 

# Replace Form Authentication filter with Verbose filter. By default, it was "FormAuthenticationFilter".
authc = VerboseFormAuthFilter
# Request parameter with login error info. By default, 'shiroLoginFailure'. This will be used in JSP to retrieve error.
authc.failureKeyAttribute=myShiroLoginFailure

The purpose of having my own Form filter is to display an error message from the filter. As I defined failureKeyAttribute name “myShiroLoginFailutre” in the shiro.ini, same attribute name will be used in the JSP.

<%
String error = (String)request.getAttribute(“myShiroLoginFailure”);
if (error != null)
{
%>
Login attempt was unsuccessful :<%=error%>
<%
}
%>

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s