Shiro Pull Request 914
https://stash.corp.netflix.com/projects/CME/repos/shiro/pull-requests/914
Overview
This pull request adds support for OAuth2 bearer tokens to the Shiro authentication framework. This allows Shiro to be used with OAuth2-based applications, such as those that use Google or Facebook for authentication.
Changes
The following changes were made to implement this feature:
- A new OAuth2Token class was added to represent an OAuth2 bearer token.
- The ShiroFilter class has been modified to support OAuth2 bearer token authentication.
- A new OAuth2Realm class was added to provide the necessary authentication logic.
- A new OAuth2Filter class was added to provide a simple way to filter requests that require OAuth2 bearer token authentication.
Benefits
This feature provides the following benefits:
- Allows Shiro to be used with OAuth2-based applications.
- Simplifies the process of authenticating users in OAuth2-based applications.
- Provides a more secure way to authenticate users in OAuth2-based applications.
Use
To use this feature, you must first add the following dependency to your project:
```xml
<dependency>
    <groupId>org.apache.shiro</groupId>
    <artifactId>shiro-oauth2</artifactId>
    <version>2.0.0-SNAPSHOT</version>
</dependency>
```
Once you have added the dependency, you can then configure Shiro to use OAuth2 bearer token authentication. The following is an example of how to do this:
```java
// Create a new ShiroFilter instance.
ShiroFilter filter = new ShiroFilter();

// Set the login URL.
filter.setLoginUrl("/login");

// Set the success URL.
filter.setSuccessUrl("/home");

// Set the unauthorized URL.
filter.setUnauthorizedUrl("/unauthorized");

// Create a new OAuth2Realm instance.
OAuth2Realm realm = new OAuth2Realm();

// Set the realm on the ShiroFilter instance.
filter.setRealm(realm);

// Add the OAuth2Filter to the ShiroFilter instance.
filter.addFilter("oauth2", new OAuth2Filter());

// Set the ShiroFilter instance on the ServletContext.
ServletContext servletContext = getServletContext();
servletContext.setAttribute(ShiroFilter.FILTER_NAME, filter);
```
Once you have configured Shiro to use OAuth2 bearer token authentication, you can then use the OAuth2Token class to represent OAuth2 bearer tokens. The following is an example of how to do this:
```java
// Create a new OAuth2Token instance.
OAuth2Token token = new OAuth2Token("accessToken");

// Set this token on the SecurityContext.
SecurityContext securityContext = SecurityUtils.getSubject().getSession();
securityContext.setAuthentication(new OAuth2Authentication(token));
```
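The page does not show the authentication logic a realm like OAuth2Realm has to supply, so the following is an added example, not code from this pull request: a realm built on Shiro's existing `AuthenticatingRealm` and `org.apache.shiro.authc.BearerToken` that rejects unknown and expired tokens. `SampleBearerRealm`, `Grant` and the in-memory grant table (standing in for the authorization server's token lookup) are hypothetical; it assumes shiro-core 1.5 or later on the classpath and Java 16+.

```java
import java.time.Instant;
import java.util.Map;
import org.apache.shiro.authc.*;
import org.apache.shiro.realm.AuthenticatingRealm;

/** Hypothetical realm: resolves a bearer token to a principal via a local grant table. */
public class SampleBearerRealm extends AuthenticatingRealm {
    record Grant(String principal, Instant expiresAt) {}

    private final Map<String, Grant> grants;

    public SampleBearerRealm(Map<String, Grant> grants) {
        this.grants = grants;
        // Accept only BearerToken, so username/password logins never reach this realm.
        setAuthenticationTokenClass(BearerToken.class);
    }

    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) {
        String value = ((BearerToken) token).getToken();
        Grant grant = grants.get(value);
        if (grant == null) {
            throw new IncorrectCredentialsException("unknown bearer token");
        }
        if (!Instant.now().isBefore(grant.expiresAt())) {
            throw new ExpiredCredentialsException("bearer token expired");
        }
        // The principal is the token's owner, never the token string itself.
        return new SimpleAuthenticationInfo(grant.principal(), value, getName());
    }

    public static void main(String[] args) {
        Instant now = Instant.now();
        SampleBearerRealm realm = new SampleBearerRealm(Map.of( // constructed sample grants
                "tok-valid", new Grant("alice", now.plusSeconds(300)),
                "tok-old", new Grant("bob", now.minusSeconds(60))));
        for (String t : new String[] {"tok-valid", "tok-old", "tok-forged"}) {
            try {
                AuthenticationInfo info = realm.getAuthenticationInfo(new BearerToken(t));
                System.out.println(t + " -> " + info.getPrincipals().getPrimaryPrincipal());
            } catch (AuthenticationException e) {
                System.out.println(t + " rejected: " + e.getMessage());
            }
        }
    }
}
```

Both failure cases surface as `AuthenticationException` subclasses, so a caller can return the same 401 response for either without revealing which check failed.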
Conclusion
This feature adds support for OAuth2 bearer tokens to the Shiro authentication framework. This allows Shiro to be used with OAuth2-based applications, such as those that use Google or Facebook for authentication.