application.properties

[main]
iniRealm.authorizationCachingEnabled = true

CORP = com.github.alanger.shiroext.realm.activedirectory.ActiveDirectoryRealm
CORP.url = ldaps://corp.company.com:636
CORP.systemUsername = username
# CORP.systemUsername = username@SPECIFIED.SUFFIX.COM
CORP.principalSuffix = @CORP.COMPANY.COM
CORP.systemPassword = password
CORP.authorizationCachingEnabled = true
CORP.searchBase = DC=CORP,DC=COMPANY,DC=COM
CORP.searchFilter = (&(objectCategory=person)(objectClass=user)(sAMAccountName={0}))
CORP.roleBase = OU=Departments,OU=HUB,DC=corp,DC=company,DC=com
CORP.roleSearch = (&(objectClass=group)(member={0}))
CORP.roleNested = true
# CORP.named = true
# CORP.commonRole = All_Corp_Users
# CORP.userWhiteList = user1|user2|user3
# CORP.userBlackList = baduser1|baduser2|baduser3
# CORP.roleWhiteList = role1|role2|role3
# CORP.roleBlackList = badrole1|badrole2|badrole3
# CORP.userPrefix = CORP.

sessionManager = org.apache.shiro.web.session.mgt.DefaultWebSessionManager
sessionManager.sessionIdUrlRewritingEnabled = false
sessionManager.globalSessionTimeout = 1800000
sessionManager.sessionIdCookie.name = JSESSIONID
# sessionManager = org.apache.shiro.web.session.mgt.ServletContainerSessionManager

authcStrategy   = org.apache.shiro.authc.pam.FirstSuccessfulStrategy
authcStrategy.stopAfterFirstSuccess = true
authcListener   = com.github.alanger.shiroext.authc.AttributeAuthenticationListener
cacheManager    = org.apache.shiro.cache.MemoryConstrainedCacheManager
rememberMe      = org.apache.shiro.web.mgt.CookieRememberMeManager
realmAuthorizer = com.github.alanger.shiroext.authz.AssignedRealmAuthorizer

securityManager = org.apache.shiro.web.mgt.DefaultWebSecurityManager
securityManager.sessionManager = $sessionManager
securityManager.authenticator.authenticationStrategy = $authcStrategy
securityManager.authenticator.authenticationListeners = $authcListener
securityManager.cacheManager = $cacheManager
securityManager.rememberMeManager = $rememberMe
securityManager.authorizer = $realmAuthorizer
securityManager.rememberMeManager.cipherKey = kPH+bIxk5D2deZiIxcaaaA==
securityManager.realms = $iniRealm, $CORP

shiro.unauthorizedUrl = /loginError
shiro.loginUrl        = /j_security_check

[users]
admin = admin,admin,AppAdmin
user = user,users,AppUser

[roles]
admin = *
AppAdmin = *
users = example:*

[filters]
authc      = com.github.alanger.shiroext.web.FormAuthcFilter
authc.usernameParam       = j_username
authc.passwordParam       = j_password
authc.loginUrl            = /j_security_check
authc.successUrl          = /
authc.failureKeyAttribute = shiroLoginFailure
authc.rememberMeParam     = remember_me
basic      = com.github.alanger.shiroext.web.BasicAuthFilter
logout     = com.github.alanger.shiroext.web.LogoutAuthcFilter
roles      = com.github.alanger.shiroext.web.RolesAuthzFilter
role       = com.github.alanger.shiroext.web.RoleAuthzFilter
perms      = com.github.alanger.shiroext.web.PermissionsAuthzFilter
perm       = com.github.alanger.shiroext.web.PermissionAuthzFilter

[urls]
/public/**           = noSessionCreation, anon
/login               = noSessionCreation, anon
/loginEntry          = authc
/loginError          = noSessionCreation, anon
/logout              = logout
/j_security_check    = authc             
/admin/**            = authc, roles[admin]
/user/**             = authc, perm[example]
/** = authc