I want to make my website pages password protected.I make the website using restful webservices in java using jersey.So can any one tell me how to protect my web pages using apache shiro.Any one have implemented example to securing a website using apache shiro if yes than plz share the example.I shall be thankful :)
For protecting your webservices using shiro you can use following template files and can customize with your own requirements. Include the jars or add to pom as required.
Add these to web.xml
<filter>
<filter-name>Shiro</filter-name>
<filter-class>
org.apache.shiro.web.servlet.IniShiroFilter
</filter-class>
</filter>
<filter-mapping>
<filter-name>Shiro</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
Now for shiro.ini to be place in WEB-INF (I am using basic Authentication with username and roles in shiro.ini which you can use from database etc as per your need, Assuming that /rest is the url for jersey rest services)
[main]
[urls]
/rest/** = noSessionCreation,authcBasic
/**= anon
[users]
admin=admin