Apache Shiro in Spring Boot Desktop Standalone Application

0
votes

I once successfully implemented Apache Shiro in a desktop standalone application (without Spring framework or any framework for that matter).

I used INI file to get SecurityManager like so:

Factory<org.apache.shiro.mgt.SecurityManager> factory = new IniSecurityManagerFactory(
                            "classpath:resources/shiro.ini");
org.apache.shiro.mgt.SecurityManager securityManager = factory.getInstance();
SecurityUtils.setSecurityManager(securityManager);
Subject currentUser = SecurityUtils.getSubject();

I read in one of stackoverflow post that it is not advisable to use shiro INI when using spring.

In my case now I use Spring Boot with Spring Data JPA with Hibernate in this application. What is the best way to configure Apache Shiro so that I can maximise the use of this security framework.

Edit

All examples i have come across, shows examples for web. I need specifically for standalone application. Examples will highly be appreciated.

Solution

After alot of learning and answers from this post, i managed to come up with this solution and created github repo. If anyone wishes to make it better, be my guest.

2
javaspringhibernatejavafx-8shiro

2 Answers

1
votes

As I understand doesn't mutter if you are developing a web-based application or a standalone, unless for the webfilters official Apache shiro doc as you can see here this example shows how to properly configure apache shiro for both, web-based and standalone.

You can still use xml-based configurations,as is described here with spring boot and it's easy migrate configuration from INI files to XML using tags like or constructor-args as shown here spring xsd doc

In my opinion use INI file or XML-based configurations has smiilar advanteges and disadvantages, in both methods you can "hot-swap" beans configurations.

For instance if it's easy for you use Java or configurate Shiro on code you can check this github link where you can see an example Class configuration for apache Shiro spring-boot application.

Forget about the web filters and configure the others beans as on this links it should work fine.

As far as i know there is no a good or a worng way talking about use xml or class configurations with spring boot, it just depend on what your needs are.

To finish I code a simple example Spring-boot-standalone with shiro. for you to demostrate an XML-based configuration, this prints the realm bean to show that the context is up and has commented code to fulfill with your needs the rest must be compleate beans with the shiro webpage tutorial.

Greatings.

0
votes

You can use a yml file to add shiro configurations along with you the application properties. As an example, take a look at https://github.com/johntostring/spring-boot-shiro