How do you use a JDBCRealm
to handle authenticating and authorizing users in servlets? The only example I can find is to create the DataSource in web.xml
(such as Authentication against database using shiro 1.2.1).
I do not want to include database credentials in my source tree (for obvious reasons) and would prefer to use a Context defined DataSource via JNDI as I have for every other RDBMS I have used for any other purpose in every other servlet project I have developed.
How do you configure a Shiro JDBCRealm
to obtain its DataSource
from JNDI?
For Shiro to work with permissions with the JDBC realm this parameter is indispensable:
I wasted many hours on this because the default for this option is false. In other words, if you don't put this option Shiro always return an empty list of permissions.
I commented on @Les Hazlewood answer and on @Recurse comment, but might be that new answer is better option.
In my case I have to use only JDNI datasource name on weblogic and full path on tomcat:
Tomcat:
Weblogic
Note
You'll need to create a custom Realm of your own by extending
JdbcRealm
to programatically lookup the datasource through the provided JNDI.You can then pass the JNDI as a property in
shiro.ini
See the below article as an example. It takes care of both Authentication and Authorization.
Apache Shiro JDBC Realm
Vrushank's answer was really close: you don't need to subclass the JdbcRealm here - you can use Shiro's JndiObjectFactory to acquire the DataSource and then reference that DataSource when you configure the JdbcRealm:
For a web application, save the file under
WEB-INF/shiro.ini
.See Also