
Update to Play 2.0.1, Shiro 1.2.0.

1 parent 03f486a commit ab421b7b50af5fb6f75350b2e696e0792632e16e @wsargent committed May 8, 2012
@@ -1,7 +1,7 @@
import models.User
+import org.apache.shiro.mgt.{DefaultSessionStorageEvaluator, DefaultSubjectDAO, DefaultSecurityManager}
import play.api._
-import org.apache.shiro.mgt.DefaultSecurityManager
import security._
/**
@@ -25,6 +25,13 @@ object ShiroConfig {
val sampleRealm = new SampleRealm()
val securityManager = new DefaultSecurityManager()
securityManager.setRealm(sampleRealm)
+
+ // Turn off session storage for better "stateless" management.
+ // https://shiro.apache.org/session-management.html#SessionManagement-StatelessApplications%2528Sessionless%2529
+ val subjectDAO = securityManager.getSubjectDAO.asInstanceOf[DefaultSubjectDAO]
+ val sessionStorageEvaluator = subjectDAO.getSessionStorageEvaluator.asInstanceOf[DefaultSessionStorageEvaluator]
+ sessionStorageEvaluator.setSessionStorageEnabled(false)
+
org.apache.shiro.SecurityUtils.setSecurityManager(securityManager)
}
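Review bot: The two `asInstanceOf` casts added before `setSessionStorageEnabled(false)` only work while the security manager still holds Shiro's default `SubjectDAO` and evaluator. If either is replaced later, start-up fails with a `ClassCastException`, and the cast gives no hint that it is related to session handling. Building the evaluator and DAO explicitly and installing them on the manager states the sessionless configuration directly and removes both casts. The body of `ShiroConfig` starts outside this hunk.
```scala
val securityManager = new DefaultSecurityManager()
// … unchanged: setRealm(sampleRealm) …
val sessionStorageEvaluator = new DefaultSessionStorageEvaluator()
sessionStorageEvaluator.setSessionStorageEnabled(false)
val subjectDAO = new DefaultSubjectDAO()
subjectDAO.setSessionStorageEvaluator(sessionStorageEvaluator)
securityManager.setSubjectDAO(subjectDAO)
```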
@@ -5,6 +5,7 @@ import views.html
import play.api._
import play.api.mvc._
import play.api.data._
+import play.api.data.Forms._
import models.User
@@ -19,7 +20,7 @@ object Login extends Controller {
// -- Authentication
val loginForm = Form(
- of(
+ tuple(
"email" -> email,
"password" -> text
) verifying ("Invalid email or password", result => result match {
@@ -6,6 +6,7 @@ import models._
import play.api.mvc._
import play.api.data._
+import play.api.data.Forms._
/**
*
@@ -17,7 +18,7 @@ object Register extends Controller {
val registerForm = Form(
- of(
+ tuple(
"email" -> text,
"password" -> text
) verifying("Cannot register user", result => result match {
@@ -24,18 +24,15 @@ object User {
* Parse a User from a ResultSet
*/
val simple = {
- get[String]("user.email") ~/
- get[String]("user.password") ^^ {
- case email~password => User(email, password)
- }
+ get[String]("user.email") ~ get[String]("user.password") map { case email~password => User(email, password) }
}
def findByEmail(email: String): Option[User] = {
DB.withConnection {
implicit connection =>
SQL("select * from user where email = {email}").on(
'email -> email
- ).as(User.simple ?)
+ ).as(User.simple.singleOpt)
}
}
@@ -46,6 +43,10 @@ object User {
}
}
+ def attach(token:String) {
+ SecurityUtils.getSubject.login(token)
+ }
+
def authenticate(email: String, password: String): Boolean = {
// Use shiro to pass through a username password token.
val token = new UsernamePasswordToken(email, password)
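Review bot: The new `attach(token:String)` hands a `String` to `Subject.login`, whose parameter is an `AuthenticationToken`, so the call will not type-check unless an implicit conversion is in scope outside this hunk. It is also not stated what the string represents, and `SampleRealm.doGetAuthenticationInfo` only handles `UsernamePasswordToken`, so any other token type would need matching realm support. I would declare it as `def attach(token: AuthenticationToken): Unit = SecurityUtils.getSubject.login(token)` and add a Scaladoc line saying what kind of token is expected and that `login` throws `AuthenticationException` on failure. The body of `authenticate` continues past the end of the hunk.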
@@ -18,19 +18,26 @@ import models.User
class SampleRealm extends AuthorizingRealm {
override protected def doGetAuthenticationInfo(token: AuthenticationToken): AuthenticationInfo = {
- val upToken = token.asInstanceOf[UsernamePasswordToken]
- val username = upToken.getUsername
- checkNotNull(username, "Null usernames are not allowed by this realm.")
+ if (token.isInstanceOf[UsernamePasswordToken]) {
- // retrieve the 'real' user password
- val password = passwordOf(username)
- checkNotNull(password, "No account found for user [" + username + "]")
+ }
+ val upToken = token.asInstanceOf[UsernamePasswordToken]
+
+ val username = upToken.getUsername
+ checkNotNull(username, "Null usernames are not allowed by this realm.")
+
+ // retrieve the 'real' user password
+ val password = passwordOf(username)
+
+ checkNotNull(password, "No account found for user [" + username + "]")
+
+ // return the 'real' info for username, security manager is then responsible
+ // for checking the token against the provided info
+ return new SimpleAuthenticationInfo(username, password, getName)
+
- // return the 'real' info for username, security manager is then responsible
- // for checking the token against the provided info
- new SimpleAuthenticationInfo(username, password, getName)
}
override def getCredentialsMatcher = new CredentialsMatcher() {
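Review bot: The added `if (token.isInstanceOf[UsernamePasswordToken]) { }` has an empty body, so it guards nothing and the `asInstanceOf[UsernamePasswordToken]` below it still runs for every token. If the realm is ever handed another token type, which may be what the new `User.attach` is heading towards, the caller gets a `ClassCastException` instead of an authentication failure. A pattern match makes the type check real and also removes the explicit `return`.
```scala
override protected def doGetAuthenticationInfo(token: AuthenticationToken): AuthenticationInfo =
  token match {
    case upToken: UsernamePasswordToken =>
      val username = upToken.getUsername
      // … unchanged: checkNotNull(username), passwordOf(username), checkNotNull(password) …
      new SimpleAuthenticationInfo(username, password, getName)
    case _ =>
      throw new AuthenticationException("Unsupported authentication token type")
  }
```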
@@ -52,7 +59,7 @@ class SampleRealm extends AuthorizingRealm {
}
def doGetAuthorizationInfo(principals: PrincipalCollection):AuthorizationInfo = {
- checkNotNull(principals, "PrincipalCollection method argument cannot be null.")
+ //checkNotNull(principals, "PrincipalCollection method argument cannot be null.")
import scala.collection.JavaConversions._
val username = principals.getPrimaryPrincipal.asInstanceOf[String]
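Review bot: Commenting out the null check in `doGetAuthorizationInfo` means a null `principals` now fails at `principals.getPrimaryPrincipal` with a bare `NullPointerException` rather than the descriptive exception the guard raised. The guard appears to have been disabled only because the next hunk narrows `checkNotNull` from `AnyRef` to `String`, so a `PrincipalCollection` no longer fits. I would keep `private def checkNotNull(reference: AnyRef, message: String)` and restore the call instead of leaving commented-out code in an authorization path. Both method bodies continue outside their hunks.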
@@ -70,7 +77,7 @@ class SampleRealm extends AuthorizingRealm {
}
}
- private def checkNotNull(reference: AnyRef, message: String) {
+ private def checkNotNull(reference: String, message: String) {
if (reference == null) {
throw new AuthenticationException(message)
}
@@ -9,12 +9,11 @@ object ApplicationBuild extends Build {
val appDependencies = Seq(
"org.jasypt" % "jasypt" % "1.7",
- "org.apache.shiro" % "shiro-core" % "1.1.0"
- // Add your project dependencies here,
+ "org.apache.shiro" % "shiro-core" % "1.2.0"
)
val main = PlayProject(appName, appVersion, appDependencies, mainLang = SCALA).settings(
- // Add your own project settings here
+ resolvers += "Apache Snapshot repository" at "https://repository.apache.org/content/repositories/snapshots/"
)
}
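Review bot: The resolver added inside `settings(` points the build at Apache's snapshots repository, yet the only Shiro dependency declared above is the release `shiro-core` 1.2.0. Snapshot artifacts are mutable, and each extra resolver widens the set of places a dependency can be resolved from, which makes the build less reproducible and harder to audit. If nothing here needs a SNAPSHOT, drop the `resolvers +=` line. Otherwise add a comment naming the artifact that requires it, so the resolver can be removed once a release exists.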
@@ -1 +1 @@
-sbt.version=0.11.0
+sbt.version=0.11.2
@@ -1,14 +1,13 @@
resolvers ++= Seq(
DefaultMavenRepository,
- Resolver.url("Local Repository", url("file:///Users/wsargent/play-2.0-RC1-SNAPSHOT/repository")),
Resolver.url("Play", url("http://download.playframework.org/ivy-releases/"))(Resolver.ivyStylePatterns),
"Typesafe Repository" at "http://repo.typesafe.com/typesafe/releases/",
"Typesafe Other Repository" at "http://repo.typesafe.com/typesafe/repo/",
"sbt-idea-repo" at "http://mpeltonen.github.com/maven/"
)
-addSbtPlugin("com.github.mpeltonen" % "sbt-idea" % "0.11.0")
+addSbtPlugin("com.github.mpeltonen" % "sbt-idea" % "1.0.0")
addSbtPlugin("com.typesafe.sbteclipse" % "sbteclipse" % "1.5.0")
-addSbtPlugin("play" % "sbt-plugin" % "2.0-RC1-SNAPSHOT")
+addSbtPlugin("play" % "sbt-plugin" % "2.0.1")
