How to configure JDBCRealm to obtain its DataSource from JNDI

Question

How do you use a JDBCRealm to handle authenticating and authorizing users in servlets? The only example I can find is to create the DataSource in web.xml

Answer 1

You'll need to create a custom Realm of your own by extending JdbcRealm to programatically lookup the datasource through the provided JNDI.

You can then pass the JNDI as a property in shiro.ini

[main]
# realms to be used
customSecurityRealm=package.to.your.CustomRealm
customSecurityRealm.jndiDataSourceName=java:app/jdbc/myDatasource

See the below article as an example. It takes care of both Authentication and Authorization.

Apache Shiro JDBC Realm