11:09 a.m.
Hello
I search a sample with aerogear and security server
in client
private AuthenticationModule authModule;
private String baseURL = "http://localhost:8080/servicos/service/auth";
private TextView status;
private Button login;
private Button logout;
private static final String LOG_TAG = login.class.getName();
@Override
protected void onCreate(Bundle savedInstanceState) {
super.onCreate(savedInstanceState);
setContentView(R.layout.activity_main);
Authenticator authenticator = new Authenticator(baseURL);
AuthenticationConfig authenticationConfig = new
AuthenticationConfig();
// authenticationConfig.setAuthType(AuthTypes.HTTP_BASIC);
authenticationConfig.setLoginEndpoint("/login");
authenticationConfig.setLogoutEndpoint("/logout");
authModule = authenticator.auth("login", authenticationConfig);
status = (TextView) findViewById(R.id.editText1);
login = (Button) findViewById(R.id.button1);
logout = (Button) findViewById(R.id.Button01);
button = (Button) findViewById(R.id.button1);
/* // Capture button clicks
button.setOnClickListener(new OnClickListener() {
public void onClick(View arg0) {
// Start NewActivity.class
Intent myIntent = new Intent(MainActivity.this,
login.class);
startActivity(myIntent);
}
});*/
login.setOnClickListener(new View.OnClickListener() {
@Override
public void onClick(View view) {
authModule.login("nome", "senha", new
AbstractActivityCallback<HeaderAndBody>() {
@Override
public void onSuccess(HeaderAndBody data) {
Log.d(LOG_TAG, "Received ID: " + data.toString() );
logged(true);
// Start NewActivity.class
Intent myIntent = new Intent(MainActivity.this,
br.gov.pr.dc.sisdc.activities.MapActivity.class);
startActivity(myIntent);
// Toast.makeText(getActivity(), "logado",
Toast.LENGTH_SHORT).show();
}
@Override
public void onFailure(Exception e) {
displayError(e.getMessage());
// Toast.makeText(getActivity(), "erro",
Toast.LENGTH_SHORT).show();
Log.d(LOG_TAG, "error: " + e );
Intent myIntent = new Intent(MainActivity.this,
br.gov.pr.dc.sisdc.activities.MapActivity.class);
startActivity(myIntent);
}
});
}
});
is ok
but how to use the rest in android is authenticate and authorize cripty
token push etc... in other REST service?
is session? is value how?
...
URL BASE_URL = new URL("http://localhost:8080/servicos/service/");
PageConfig pageConfig = new PageConfig();
pageConfig.setLimitValue(5);
pageConfig.setMetadataLocation(PageConfig.MetadataLocations.WEB_LINKING);
PipeConfig pipeConfig = new PipeConfig(BASE_URL, AbrigoVO.class);
pipeConfig.setEndpoint("pessoa");
pipeConfig.setPageConfig(pageConfig);
pipeline = new Pipeline(BASE_URL);
pipeline.pipe(pessoaVO.class, pipeConfig);
LoaderPipe<pessoaVO> pipes = pipeline.get("pessoavo", mContext);
//LoaderPipe<pessoaVO> pipes = this.pipeline.get("pessoavo", fragment,
mContext);
//TODO
https://github.com/aerogear/aerogear-aerodoc-android/blob/master/src/org/...
pipes.read(readCallback);
Log.d(LOG_TAG, "Received ID: " );
return null;
} catch (Exception e) {
// TODO Need error handling
Log.e(LOG_TAG, e.getLocalizedMessage(), e);
Log.e(LOG_TAG, "sem serviço", e);
e.printStackTrace();
return null;
}
...
and security server jboss 7 ??
@Path("/pessoa/")
public interface pessoaResource {
@Produces(MediaType.APPLICATION_JSON)
public Response listar();
@GET
@Path("/{codigo}")
@Produces(MediaType.APPLICATION_JSON)
public Response obter(@PathParam("codigo") Long idpessoa);
}
i add
@Inject
private IdentityManagement configuration;
@Inject
private AuthenticationManager authenticationManager;
and
<interceptors>
<class>org.jboss.aerogear.security.interceptor.SecurityInterceptor</class>
</interceptors>
and
@Secure("admin")
but error injection
WELD-001408 Unsatisfied dependencies for type [EntityManager] with
qualifiers [@Default] at injection point [[field] @Inject private
org.jboss.aerogear.security.shiro.authz.GrantConfiguration.entityManager]
examples JaxRS and shiro and demo not funcional of soluction server and
client android
i connect database login password e groups for login
how to keep the connected User? have database or saved in the session?
can someone give me a practical example for using rest client server?
--
View this message in context:
http://aerogear-dev.1069024.n5.nabble.com/aerogear-security-and-android-t...
Sent from the aerogear-dev mailing list archive at Nabble.com.
6:52 a.m.
Good morning Marcelo, I’m not an Android specialist or anything, but speaking about
AeroGear. The team worked to keep the symmetry between the APIs, so it doesn’t matter
which backend do you have.
I couldn’t understand what do you mean by "authorize cripty token push”. To make use
of REST, take a look at the Android cookbook
(https://github.com/aerogear/aerogear-android-cookbook), more
specifically https://github.com/aerogear/aerogear-android-cookbook/tree/5....
In addition check our documentation at https://aerogear.org
Regarding which server should you use. The answer is whatever you want, our clients are
not tied to JBoss.
Speaking about the server not be functional, we are open for suggestions or send patches.
Currently the following projects are running the authentication bits with no problems:
- https://github.com/aerogear/aerogear-jaxrs-demo
- https://github.com/aerogear/aerogear-integration-tests-server
- https://github.com/aerogear/aerogear-unifiedpush-server
But if something is missing or not working, I’m open for suggestions.
--
abstractj
On March 10, 2014 at 1:28:33 PM, marceloheck (marceloheck(a)gmail.com) wrote:
Hello
I search a sample with aerogear and security server
in client
private AuthenticationModule authModule;
private String baseURL = "http://localhost:8080/servicos/service/auth";
private TextView status;
private Button login;
private Button logout;
private static final String LOG_TAG = login.class.getName();
@Override
protected void onCreate(Bundle savedInstanceState) {
super.onCreate(savedInstanceState);
setContentView(R.layout.activity_main);
Authenticator authenticator = new Authenticator(baseURL);
AuthenticationConfig authenticationConfig = new
AuthenticationConfig();
// authenticationConfig.setAuthType(AuthTypes.HTTP_BASIC);
authenticationConfig.setLoginEndpoint("/login");
authenticationConfig.setLogoutEndpoint("/logout");
authModule = authenticator.auth("login", authenticationConfig);
status = (TextView) findViewById(R.id.editText1);
login = (Button) findViewById(R.id.button1);
logout = (Button) findViewById(R.id.Button01);
button = (Button) findViewById(R.id.button1);
/* // Capture button clicks
button.setOnClickListener(new OnClickListener() {
public void onClick(View arg0) {
// Start NewActivity.class
Intent myIntent = new Intent(MainActivity.this,
login.class);
startActivity(myIntent);
}
});*/
login.setOnClickListener(new View.OnClickListener() {
@Override
public void onClick(View view) {
authModule.login("nome", "senha", new
AbstractActivityCallback() {
@Override
public void onSuccess(HeaderAndBody data) {
Log.d(LOG_TAG, "Received ID: " + data.toString() );
logged(true);
// Start NewActivity.class
Intent myIntent = new Intent(MainActivity.this,
br.gov.pr.dc.sisdc.activities.MapActivity.class);
startActivity(myIntent);
// Toast.makeText(getActivity(), "logado",
Toast.LENGTH_SHORT).show();
}
@Override
public void onFailure(Exception e) {
displayError(e.getMessage());
// Toast.makeText(getActivity(), "erro",
Toast.LENGTH_SHORT).show();
Log.d(LOG_TAG, "error: " + e );
Intent myIntent = new Intent(MainActivity.this,
br.gov.pr.dc.sisdc.activities.MapActivity.class);
startActivity(myIntent);
}
});
}
});
is ok
but how to use the rest in android is authenticate and authorize cripty
token push etc... in other REST service?
is session? is value how?
...
URL BASE_URL = new URL("http://localhost:8080/servicos/service/");
PageConfig pageConfig = new PageConfig();
pageConfig.setLimitValue(5);
pageConfig.setMetadataLocation(PageConfig.MetadataLocations.WEB_LINKING);
PipeConfig pipeConfig = new PipeConfig(BASE_URL, AbrigoVO.class);
pipeConfig.setEndpoint("pessoa");
pipeConfig.setPageConfig(pageConfig);
pipeline = new Pipeline(BASE_URL);
pipeline.pipe(pessoaVO.class, pipeConfig);
LoaderPipe pipes = pipeline.get("pessoavo", mContext);
//LoaderPipe pipes = this.pipeline.get("pessoavo", fragment,
mContext);
//TODO
https://github.com/aerogear/aerogear-aerodoc-android/blob/master/src/org/...
pipes.read(readCallback);
Log.d(LOG_TAG, "Received ID: " );
return null;
} catch (Exception e) {
// TODO Need error handling
Log.e(LOG_TAG, e.getLocalizedMessage(), e);
Log.e(LOG_TAG, "sem serviço", e);
e.printStackTrace();
return null;
}
...
and security server jboss 7 ??
@Path("/pessoa/")
public interface pessoaResource {
@Produces(MediaType.APPLICATION_JSON)
public Response listar();
@GET
@Path("/{codigo}")
@Produces(MediaType.APPLICATION_JSON)
public Response obter(@PathParam("codigo") Long idpessoa);
}
i add
@Inject
private IdentityManagement configuration;
@Inject
private AuthenticationManager authenticationManager;
and
org.jboss.aerogear.security.interceptor.SecurityInterceptor
and
@Secure("admin")
but error injection
WELD-001408 Unsatisfied dependencies for type [EntityManager] with
qualifiers [@Default] at injection point [[field] @Inject private
org.jboss.aerogear.security.shiro.authz.GrantConfiguration.entityManager]
examples JaxRS and shiro and demo not funcional of soluction server and
client android
i connect database login password e groups for login
how to keep the connected User? have database or saved in the session?
can someone give me a practical example for using rest client server?
--
View this message in context:
http://aerogear-dev.1069024.n5.nabble.com/aerogear-security-and-android-t...
Sent from the aerogear-dev mailing list archive at Nabble.com.
_______________________________________________
aerogear-dev mailing list
aerogear-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/aerogear-dev
12:25 p.m.
Ola bruno , vou te escrever assim mesmo
fizemos o lado do android e faz login em um rest tudo ok,
o lado do servidor é que esta complicado , usamos jboss 7 e temos suporte
contratado da redhat , não sei se vcs são contratados deles e podem prestar
esse suporte podemos conversar melhor...
O aerogear no lado do servidor ligando com o android com segurança esta
nosso problema, como não usamos barramento, precisamos usar token
,criptografia, push, ou todas pra proteger esse rest entre o android e o
server.
Como o aerogear ( pode ser com shiro) pode ser usado nesse conjunto, fizemos
segundo o modelo com o exemplo e colocando o interceptors, fazendo inject ou
não e temos um problema, fazemos o login , retorna ok e como o android e o
servidor ficam se comunicando depois disso? na próxima chamada rest de dados
.... e se o grupo de segurança trava acesso no ejb , pelos exemplos fica
muito superficial não conseguimos ver isso funcionando com android
não sei se consegui explicar direito , parece que em versões anteriores do
aerogear passava token e agora isso é feito por baixo ou não , estamos
trabalhando a um tempo e quase desistindo porque não conseguimos integrar e
não achamos um exemplo que faça e tem pouca coisa na web sobre o aerogear
--
View this message in context:
http://aerogear-dev.1069024.n5.nabble.com/aerogear-security-and-android-t...
Sent from the aerogear-dev mailing list archive at Nabble.com.
3:19 a.m.
Hello Marcelo,
thanks for the interest on AeroGear. This mailing list is an English one;
Please state your questions in English. This simply allows the entire
community to benefit from your questions and potential answers.
Thanks!
Matthias
2014-03-11 18:25 GMT+01:00 marceloheck <marceloheck(a)gmail.com>:
Ola bruno , vou te escrever assim mesmo
fizemos o lado do android e faz login em um rest tudo ok,
o lado do servidor é que esta complicado , usamos jboss 7 e temos suporte
contratado da redhat , não sei se vcs são contratados deles e podem prestar
esse suporte podemos conversar melhor...
O aerogear no lado do servidor ligando com o android com segurança esta
nosso problema, como não usamos barramento, precisamos usar token
,criptografia, push, ou todas pra proteger esse rest entre o android e o
server.
Como o aerogear ( pode ser com shiro) pode ser usado nesse conjunto,
fizemos
segundo o modelo com o exemplo e colocando o interceptors, fazendo inject
ou
não e temos um problema, fazemos o login , retorna ok e como o android e o
servidor ficam se comunicando depois disso? na próxima chamada rest de
dados
.... e se o grupo de segurança trava acesso no ejb , pelos exemplos fica
muito superficial não conseguimos ver isso funcionando com android
não sei se consegui explicar direito , parece que em versões anteriores do
aerogear passava token e agora isso é feito por baixo ou não , estamos
trabalhando a um tempo e quase desistindo porque não conseguimos integrar e
não achamos um exemplo que faça e tem pouca coisa na web sobre o aerogear
--
View this message in context:
http://aerogear-dev.1069024.n5.nabble.com/aerogear-security-and-android-t...
Sent from the aerogear-dev mailing list archive at Nabble.com.
_______________________________________________
aerogear-dev mailing list
aerogear-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/aerogear-dev
--
Matthias Wessendorf
blog: http://matthiaswessendorf.wordpress.com/
sessions: http://www.slideshare.net/mwessendorf
twitter: http://twitter.com/mwessendorf
6:42 a.m.
sorry Matthias! thanks for you response,
I replied in Portuguese to answer doubts bruno
because we really need to solve, or we abandon aerogear
The AEROGEAR on the server side calling with android safely this our problem
, as we do not use the bus, we need to use token , encryption , push , or
all to protect that rest between the android and the server .
As the AEROGEAR ( can be with Shiro ) can be used in this set , we modeled
the example and putting the interceptors , inject or not doing and we have a
problem , do the login, and returns ok as android and server are left
communicating after that? the next call .... rest data and the security
group access hangs in ejb , by the examples gets very shallow can not see it
working with android
do not know if I could explain it , it seems that in earlier versions of
AEROGEAR token passed and now it is done underneath or not , we are working
at a time and almost gave up because I could not integrate and could not
find an example that does and has little in aerogear
--
View this message in context:
http://aerogear-dev.1069024.n5.nabble.com/aerogear-security-and-android-t...
Sent from the aerogear-dev mailing list archive at Nabble.com.
9:18 a.m.
Hi Marcelo, answers inline.
--
abstractj
On March 12, 2014 at 8:42:10 AM, marceloheck (marceloheck(a)gmail.com) wrote:
> sorry Matthias! thanks for you response,
I replied in Portuguese to answer doubts bruno
As Matthias said ML is not a one to one conversation, otherwise people won’t benefit of
this discussion.
because we really need to solve, or we abandon aerogear
That would be bad, but at the same time is hard to guess what’s happening if you do not
provide details.
The AEROGEAR on the server side calling with android safely this
our problem
, as we do not use the bus, we need to use token , encryption , push
, or
all to protect that rest between the android and the server .
It seems to me too generic. Please make sure to provide more details like:
- What are you trying to do on the server side?
- Which version of JBoss, AG are you running on the server? Which modules?
- What are you trying to do on the client side?
- Do you have stacktraces? That would help
- Our documentation is clear? What’s missing? What kind of example do you want?
- Have you tried the cookbooks? Are they enough?
As the AEROGEAR ( can be with Shiro ) can be used in this set , we modeled
AeroGear can be used with any thing as I mentioned before. We are not tied to a single
server solution.
the example and putting the interceptors , inject or not doing
and we have a
problem , do the login, and returns ok as android and server are
left
Have you managed to login using Shiro *only* and send cURL HTTP requests? How your
endpoint looks like?
communicating after that? the next call .... rest data and the
security
group access hangs in ejb , by the examples gets very shallow can
How does it work with cURL, wget?
not see it
working with android
do not know if I could explain it , it seems that in earlier versions
I could barely understand due to the lack of details about what’s going on the server.
Maybe stacktraces, code snippets, gists would be nice.
of
AEROGEAR token passed and now it is done underneath or not , we
are working
at a time and almost gave up because I could not integrate and could
not
find an example that does and has little in aerogear
The authorization token was provided by PicketBox, I guess 1 year and a half ago, but
removed once we moved to PicketLink. Keep in mind that you don’t need: AeroGear Security,
AeroGear Security Picketlink or AeroGear Security Shiro on the server — They are just a
dozen of class wrappers to make the bare minimum simple, if you want to go advance, you
must use the plain APIs from Shiro.
I strongly recommend you to use plain Shiro on the server and integrate it with AeroGear
Android.
11:47 a.m.
hi bruno thank you!
In android I used the example of the cookbook and it worked
the server try to use the example of jaxrs and I could not
try using aerogear-security-shiro and could not,
have an equal jaxrs example but using shiro?
infos:
i use android native in client and jboss7.1(ejb jpa resteasy jdk6 jee6) in
server
database of users and profile and data, I seek a REST/JSON in a tomcat 5
(legacy system)
sample sequence:
>>>>>>>>>android native send aerogear login
<<<<<<<<
private AuthenticationModule authModule;
private String baseURL =
"http://localhost:8080/servicos/service/auth";
private TextView status;
private Button login;
private Button logout;
private static final String LOG_TAG = login.class.getName();
@Override
protected void onCreate(Bundle savedInstanceState) {
super.onCreate(savedInstanceState);
setContentView(R.layout.activity_main);
Authenticator authenticator = new Authenticator(baseURL);
AuthenticationConfig authenticationConfig = new
AuthenticationConfig();
authenticationConfig.setLoginEndpoint("/login");
authenticationConfig.setLogoutEndpoint("/logout");
authModule = authenticator.auth("login",
authenticationConfig);
status = (TextView) findViewById(R.id.editText1);
login = (Button) findViewById(R.id.button1);
logout = (Button) findViewById(R.id.Button01);
button = (Button) findViewById(R.id.button1);
login.setOnClickListener(new View.OnClickListener() {
@Override
public void onClick(View view) {
authModule.login("jhon", "123", new
AbstractActivityCallback<HeaderAndBody>() {
}
>>>>>>>>server receive
<<<<<<<<<<<
(is my problem ) (wanted an example
here )(queria um exemplo disso aqui no
shiro )
@Path("/auth")
public class LoginEndpoint {
private static final Logger LOGGER =
Logger.getLogger(LoginEndpoint.class.getSimpleName());
// @Inject
private AuthenticationManager authenticationManager;
@POST
@Path("/login")
@Produces(MediaType.APPLICATION_JSON)
@Consumes(MediaType.APPLICATION_JSON)
public Response login(User simpleUser) {
User user = new User(simpleUser.getUsername(),
simpleUser.getPassword());
authenticationManager.login(user, simpleUser.getPassword());
//return simpleUser;
return Response.status(Status.OK).entity(user).build();
}
>>>>>>>>>>>>>> android
receive <<<<<<<<<<<<<<<<<<
@Override
public void onSuccess(HeaderAndBody data) {
Log.d(LOG_TAG, "Received ID: " + data.toString() );
logged(true);
Toast.makeText(getActivity(), "logado",
Toast.LENGTH_SHORT).show();
}
---------(as the android saves login, as he knows that this logged? need
sample) -------
>>>>>>>>>>>>>>> android
send next requisition <<<<<<<<<<
URL BASE_URL = new URL("http://localhost:8080/servicos/service/");
PageConfig pageConfig = new PageConfig();
pageConfig.setLimitValue(5);
pageConfig.setMetadataLocation(PageConfig.MetadataLocations.WEB_LINKING);
PipeConfig pipeConfig = new PipeConfig(BASE_URL,
AbrigoVO.class);
pipeConfig.setEndpoint("pessoa");
pipeConfig.setPageConfig(pageConfig);
pipeline = new Pipeline(BASE_URL);
pipeline.pipe(pessoaVO.class, pipeConfig);
LoaderPipe<pessoaVO> pipes =
pipeline.get("pessoavo", mContext);
pipes.read(readCallback);
return null;
} catch (Exception e) {
// TODO Need error handling
Log.e(LOG_TAG, e.getLocalizedMessage(), e);
Log.e(LOG_TAG, "sem serviço", e);
e.printStackTrace();
return null;
}
---------next pipe in login? how call security rest? necessary is send login
again? -------
>>>>>>>>>>>>>>server
received and response<<<<<<<<<<
@GET
@Produces(MediaType.APPLICATION_JSON)
public Response listar();
--------how use @secure("admin)? -------- is necessary a sample -----
>>>>>>>>>>>>>>>the
end<<<<<<<<<<<<<<<<<<
--
View this message in context:
http://aerogear-dev.1069024.n5.nabble.com/aerogear-security-and-android-t...
Sent from the aerogear-dev mailing list archive at Nabble.com.
8:31 a.m.
Good morning Marcelo, sorry if I didn’t get back to you sooner. As I told you, you don’t
need AG Security. Thinking about it, I wrote a PoC with Apache Shiro to be tested against
AeroGear Android, please take a look: https://github.com/abstractj/example-jaxrs-shiro
Passos already tested it with AG Android Cookbook.
I hope it helps.
--
abstractj
On March 12, 2014 at 1:47:46 PM, marceloheck (marceloheck(a)gmail.com) wrote:
hi bruno thank you!
In android I used the example of the cookbook and it worked
the server try to use the example of jaxrs and I could not
try using aerogear-security-shiro and could not,
have an equal jaxrs example but using shiro?
infos:
i use android native in client and jboss7.1(ejb jpa resteasy jdk6 jee6) in
server
database of users and profile and data, I seek a REST/JSON in a tomcat 5
(legacy system)
sample sequence:
>>>>>>>>>>android native send aerogear login
<<<<<<<<
private AuthenticationModule authModule;
private String baseURL =
"http://localhost:8080/servicos/service/auth";
private TextView status;
private Button login;
private Button logout;
private static final String LOG_TAG = login.class.getName();
@Override
protected void onCreate(Bundle savedInstanceState) {
super.onCreate(savedInstanceState);
setContentView(R.layout.activity_main);
Authenticator authenticator = new Authenticator(baseURL);
AuthenticationConfig authenticationConfig = new
AuthenticationConfig();
authenticationConfig.setLoginEndpoint("/login");
authenticationConfig.setLogoutEndpoint("/logout");
authModule = authenticator.auth("login",
authenticationConfig);
status = (TextView) findViewById(R.id.editText1);
login = (Button) findViewById(R.id.button1);
logout = (Button) findViewById(R.id.Button01);
button = (Button) findViewById(R.id.button1);
login.setOnClickListener(new View.OnClickListener() {
@Override
public void onClick(View view) {
authModule.login("jhon", "123", new
AbstractActivityCallback() {
}
>>>>>>>>>server receive
<<<<<<<<<<<
(is my problem ) (wanted an example here )(queria um exemplo disso aqui no
shiro )
@Path("/auth")
public class LoginEndpoint {
private static final Logger LOGGER =
Logger.getLogger(LoginEndpoint.class.getSimpleName());
// @Inject
private AuthenticationManager authenticationManager;
@POST
@Path("/login")
@Produces(MediaType.APPLICATION_JSON)
@Consumes(MediaType.APPLICATION_JSON)
public Response login(User simpleUser) {
User user = new User(simpleUser.getUsername(),
simpleUser.getPassword());
authenticationManager.login(user, simpleUser.getPassword());
//return simpleUser;
return Response.status(Status.OK).entity(user).build();
}
>>>>>>>>>>>>>>> android receive
<<<<<<<<<<<<<<<<<<
@Override
public void onSuccess(HeaderAndBody data) {
Log.d(LOG_TAG, "Received ID: " + data.toString() );
logged(true);
Toast.makeText(getActivity(), "logado",
Toast.LENGTH_SHORT).show();
}
---------(as the android saves login, as he knows that this logged? need
sample) -------
>>>>>>>>>>>>>>>> android send next
requisition <<<<<<<<<<
URL BASE_URL = new URL("http://localhost:8080/servicos/service/");
PageConfig pageConfig = new PageConfig();
pageConfig.setLimitValue(5);
pageConfig.setMetadataLocation(PageConfig.MetadataLocations.WEB_LINKING);
PipeConfig pipeConfig = new PipeConfig(BASE_URL,
AbrigoVO.class);
pipeConfig.setEndpoint("pessoa");
pipeConfig.setPageConfig(pageConfig);
pipeline = new Pipeline(BASE_URL);
pipeline.pipe(pessoaVO.class, pipeConfig);
LoaderPipe pipes =
pipeline.get("pessoavo", mContext);
pipes.read(readCallback);
return null;
} catch (Exception e) {
// TODO Need error handling
Log.e(LOG_TAG, e.getLocalizedMessage(), e);
Log.e(LOG_TAG, "sem serviço", e);
e.printStackTrace();
return null;
}
---------next pipe in login? how call security rest? necessary is send login
again? -------
>>>>>>>>>>>>>>>server received and
response<<<<<<<<<<
@GET
@Produces(MediaType.APPLICATION_JSON)
public Response listar();
--------how use @secure("admin)? -------- is necessary a sample -----
>>>>>>>>>>>>>>>>the
end<<<<<<<<<<<<<<<<<<
--
View this message in context:
http://aerogear-dev.1069024.n5.nabble.com/aerogear-security-and-android-t...
Sent from the aerogear-dev mailing list archive at Nabble.com.
_______________________________________________
aerogear-dev mailing list
aerogear-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/aerogear-dev
1:45 p.m.
hello bruno
thanks for the reply
I tested what we did and managed to make it work on my program
but the problem is with two users, one role simple and the other role admin
different tablet a just login and get the rest, there is another login and
get the rest when I go back to using the first has lost the use
work for as many simultaneous users?
--
View this message in context:
http://aerogear-dev.1069024.n5.nabble.com/aerogear-security-and-android-t...
Sent from the aerogear-dev mailing list archive at Nabble.com.
8:04 a.m.
Not sure if I’m following you this Marcelo, but what are the detailed steps to reproduce
the issue?
--
abstractj
On April 4, 2014 at 3:45:27 PM, marceloheck (marceloheck(a)gmail.com) wrote:
> but the problem is with two users, one role simple and the other
role admin
different tablet a just login and get the rest, there is another
login and
get the rest when I go back to using the first has lost the use
work for as many simultaneous users?
11:23 a.m.
hello , sorry , i will try to explain
a changed project jaxrs shiro to running WildFly 8.0.0.Final:
remove interface IdentityManagement
interceptor jar web.xml
<interceptors>
<class>org.jboss.aerogear.security.interceptor.SecurityInterceptor</class>
</interceptors>
and change IdentityManagementImpl
@ShiroSecurity //for Secure.java
@Default
@ApplicationScoped
public class* IdentityManagementImpl* implements IdentityManagement<User> {
@Override
public boolean hasRoles(Set<String> roles) {
return subject.hasAllRoles(roles);
}
...
i changed service/
@GET
@Path("/bacon")
@Produces(MediaType.APPLICATION_JSON)
@Secure("simple")
public List<String> bacons() {
return Arrays.asList(new String[]{"bacon", "Jowl",
"Canadian",
"Speck", "Pancetta"});
}
@GET
@Path("/livre")
@Produces(MediaType.APPLICATION_JSON)
public List<String> livre() {
return Arrays.asList(new String[]{"livre", "Jowl",
"Canadian",
"Speck", "Pancetta"});
}
@GET
@Path("/cerveja")
@Produces(MediaType.APPLICATION_JSON)
@Secure("admin")
public List<String> beers() {
return Arrays.asList(new String[]{"cerveja", "California",
"Michigan", "Ireland", "British"});
}
my problem in login and autorization service
i login (mar is role "simple")
curl -3 -v -b cookies.txt -c cookies.txt -H "Accept: application/json" -H
"Content-type: application/json" -d
'{"loginName":"mar","password":"123"}'
-X POST http://localhost:8080/appteste/rest/auth/login
HTTP 200: Authorized
curl -b --cookie -v -X GET http://localhost:8080/appteste/rest/list/bacon
HTTP 401: Unauthorized
curl -b --cookie -v -X GET http://localhost:8080/appteste/rest/list/cerveja
and is ok
but
another pc
i login (adm is role "adm")
curl -3 -v -b cookies.txt -c cookies.txt -H "Accept: application/json" -H
"Content-type: application/json" -d
'{"loginName":"adm","password":"123"}'
-X POST http://localhost:8080/appteste/rest/auth/login
HTTP 200: Authorized
curl -b --cookie -v -X GET http://localhost:8080/appteste/rest/list/cerveja
HTTP 401: Unauthorized
curl -b --cookie -v -X GET http://localhost:8080/appteste/rest/list/bacon
is ok
now i request again user mar , mar not access rest
two users not login in one application
in mobile too
--
View this message in context:
http://aerogear-dev.1069024.n5.nabble.com/aerogear-security-and-android-t...
Sent from the aerogear-dev mailing list archive at Nabble.com.
noon
Hi Marcelo, that example is not fully complete, was just to showcase that the same could
be achieved without AG Security. Also, I strongly recommend you to change and adapt to
your real scenario.
I did the test to reproduce the issue here
(https://github.com/abstractj/example-jaxrs-shiro):
- Register Lisa and Bart
curl -3 -v -b cookies.txt -c cookies.txt -H "Accept: application/json" -H
"Content-type: application/json" -d
'{"loginName":"bart","password":"123"}' -X
POST http://localhost:8080/example-jaxrs-shiro/rest/auth/enroll
curl -3 -v -b cookies.txt -c cookies.txt -H "Accept: application/json" -H
"Content-type: application/json" -d
'{"loginName":"lisa","password":"123"}' -X
POST http://localhost:8080/example-jaxrs-shiro/rest/auth/enroll
- Login with Lisa and Bart
curl -3 -v -b cookies.txt -c cookies.txt -H "Accept: application/json" -H
"Content-type: application/json" -d
'{"loginName":"bart","password":"123"}' -X
POST http://localhost:8080/example-jaxrs-shiro/rest/auth/login
curl -3 -v -b cookies.txt -c cookies.txt -H "Accept: application/json" -H
"Content-type: application/json" -d
'{"loginName":"lisa","password":"123"}' -X
POST http://localhost:8080/example-jaxrs-shiro/rest/auth/login
Maybe the session is not being closed during logout, not sure. For specifics to Shiro,
please ask at http://shiro-user.582556.n2.nabble.com
--
abstractj
On April 7, 2014 at 1:24:03 PM, marceloheck (marceloheck(a)gmail.com) wrote:
hello , sorry , i will try to explain
a changed project jaxrs shiro to running WildFly 8.0.0.Final:
remove interface IdentityManagement
interceptor jar web.xml
org.jboss.aerogear.security.interceptor.SecurityInterceptor
and change IdentityManagementImpl
@ShiroSecurity //for Secure.java
@Default
@ApplicationScoped
public class* IdentityManagementImpl* implements IdentityManagement {
@Override
public boolean hasRoles(Set roles) {
return subject.hasAllRoles(roles);
}
...
i changed service/
@GET
@Path("/bacon")
@Produces(MediaType.APPLICATION_JSON)
@Secure("simple")
public List bacons() {
return Arrays.asList(new String[]{"bacon", "Jowl",
"Canadian",
"Speck", "Pancetta"});
}
@GET
@Path("/livre")
@Produces(MediaType.APPLICATION_JSON)
public List livre() {
return Arrays.asList(new String[]{"livre", "Jowl",
"Canadian",
"Speck", "Pancetta"});
}
@GET
@Path("/cerveja")
@Produces(MediaType.APPLICATION_JSON)
@Secure("admin")
public List beers() {
return Arrays.asList(new String[]{"cerveja", "California",
"Michigan", "Ireland", "British"});
}
my problem in login and autorization service
i login (mar is role "simple")
curl -3 -v -b cookies.txt -c cookies.txt -H "Accept: application/json" -H
"Content-type: application/json" -d
'{"loginName":"mar","password":"123"}'
-X POST http://localhost:8080/appteste/rest/auth/login
HTTP 200: Authorized
curl -b --cookie -v -X GET http://localhost:8080/appteste/rest/list/bacon
HTTP 401: Unauthorized
curl -b --cookie -v -X GET http://localhost:8080/appteste/rest/list/cerveja
and is ok
but
another pc
i login (adm is role "adm")
curl -3 -v -b cookies.txt -c cookies.txt -H "Accept: application/json" -H
"Content-type: application/json" -d
'{"loginName":"adm","password":"123"}'
-X POST http://localhost:8080/appteste/rest/auth/login
HTTP 200: Authorized
curl -b --cookie -v -X GET http://localhost:8080/appteste/rest/list/cerveja
HTTP 401: Unauthorized
curl -b --cookie -v -X GET http://localhost:8080/appteste/rest/list/bacon
is ok
now i request again user mar , mar not access rest
two users not login in one application
in mobile too
--
View this message in context:
http://aerogear-dev.1069024.n5.nabble.com/aerogear-security-and-android-t...
Sent from the aerogear-dev mailing list archive at Nabble.com.
_______________________________________________
aerogear-dev mailing list
aerogear-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/aerogear-dev
1:31 p.m.
yes i understand in your sample
i removed AG security now
my app is ok for 2 users , but lisa e bart is role equal (simple)
but if lisa is admin , for error test in 2 computer
list bart user (simple) and lisa admin
curl -b --cookie -v -X GET
http://localhost:8080/example-jaxrs-shiro/rest/grocery/bacons
curl -b --cookie -v -X GET
http://localhost:8080/example-jaxrs-shiro/rest/grocery/beers
bart view bacons and
lisa view beers
but error is this, not functional
bart block lisa or lisa block bart in server
sorry do not know if I'm able to explain
--
View this message in context:
http://aerogear-dev.1069024.n5.nabble.com/aerogear-security-and-android-t...
Sent from the aerogear-dev mailing list archive at Nabble.com.
3916
days inactive
3944
days old
12 comments
3 participants
participants (3)
-
Bruno Oliveira -
marceloheck -
Matthias Wessendorf