jdbcrealm

List, I have actually searched extensively on this topic and either a) I don't know how to configure something and/or b) I don't quite understand what a JNDI Realm actually is supposed to do. I am using Tomcat 7.0.32 with jdk 1.7.0_15. Here is what I want to do. I work with customers that use PKI User Certificates. The user certificates have a cn like "Joe Smith". What I need to be able to do is look up this CN in LDAP and get the users id, which may be something like "jsmith23", and populate the Principal user in the request header. The reason for this is I have an application deployed in

I am attempting to use the Shiro JdbcRealm and SHA256 hashedcredentialsMatcher. I need to update a legacy database and assign the appropriate salt for each user (via a batch routine). how do I get/set the salt for a given account using the Shiro framework? Max With Shiro 1.2.3 all you need to do is: Extend JdbcRealm and set salt style. public class JdbcSaltRealm extends JdbcRealm { public JdbcSaltRealm() { setSaltStyle(SaltStyle.COLUMN); } } Update shiro.ini to use extended realm and to get salt column from DB credentialsMatcher = org.apache.shiro.authc.credential.HashedCredentialsMatcher

I have implemented a Java EE security realm that redirects users to login.jsp if they try and access a protected resource. Say a user wants to go to a protected url - http://mywebapp/shopping_cart which is mapped to ShoppingCartServlet As they are not logged in Glassfish directs them to login.jsp They then enter their username and password and click Login and the information gets POSTed to http://mywebapp/j_security_check If they have entered the correct details they are then redirected to the servlet that handles the url http://mywebapp/shopping_cart Now I want to pull the user's details from

I've recently updated Glassfish from 3.1.2 to 4.0 and wanted to set up a JDBCRealm that I used before on my app which uses FORM based authentication. The passwords are hashed with SHA-256 in the database (that is the default Digest Algorithm option). The realm has a property that became mandatory in this Glassfish version: Password Encryption Algorithm. Quite incredibly, the official Glassfish documentation says it's optional, and the note under the input field says it is a risk to leave it empty, however you cannot leave it empty as it is mandatory. I cannot log in in my app that was working

I am having a simple Java web application with not more than 20-25 users who would be logged in. I am currently using tomcat server to host it and am using the UderDatabaseRealm for access control. I would like to add a feature to this application wherein the administrator can add users to the system through the application itself. I would like to know is it possible to programmatically add users to this file. One method I can think of is to open the tomcat_users.xml file within my application and do XML manipulation to add the users. Is there a better way than this? My realm is configured in