Shiro Ini file

[wassimz]

I have just a small question, as we are using the database as a support for user authentication (user entity on the backend package), why the shiro ini file still exist

Thanks for helps

[peterl1084]

With shiro.ini you can configure any kind of realm for accessing the user and credential records. Shiro defaults to ini realm if it does not have anything configured but just defining the realms in shiro.ini allows shiro to discover other sources for authentication information and will look up them in order until user is authenticated.

[peterl1084]

Ah, in this example there is CDIAware environment loader which allows programmatic access to setup the realms. In this case it has been done mainly to demonstrate how to enable CDI usage there but it's not necessary to do it like that at all. It would be enough to have the shiro.ini file in place with realm definitions as well. Also all the credentials matchers and hashers can also be defined in the ini file. In our example here it's done as a programmatic implementation to allow injection of beans during the realm setup process. (It's been a while, didn't remember, sorry :))

[wassimz]

Thank Peter for your response. It is now more clear. But in case I am using the INI file method, how can I configure the web.xml to work with it ??

Thanks again for your help