@Override public void contributeProvider( DeploymentContext context, Provider provider ) { // Many filter based authentication mechanisms require a ServletContextListener // to be added and the Knox deployment machinery provides the ability to add this // through the DeploymentContext. // Writing provider specific config out to the war for cluster specific config can be // accomplished through the DeploymentContext as well. The JBoss shrinkwrap API can be // used to write the asset to the war. // add servletContextListener context.getWebAppDescriptor().createListener().listenerClass( LISTENER_CLASSNAME ); // add session timeout int st = DEFAULT_SESSION_TIMEOUT; SessionConfigType<WebAppDescriptor> sessionConfig = context.getWebAppDescriptor().createSessionConfig(); Map<String, String> params = provider.getParams(); String sts = params.get( SESSION_TIMEOUT ); if( sts != null && !sts.trim().isEmpty()) { st = Integer.parseInt( sts.trim() ); } if( st <= 0 ) { // user default session timeout st = DEFAULT_SESSION_TIMEOUT; } sessionConfig.sessionTimeout( st ); sessionConfig.getOrCreateCookieConfig().httpOnly( true ); sessionConfig.getOrCreateCookieConfig().secure( true ); String clusterName = context.getTopology().getName(); ShiroConfig config = new ShiroConfig( provider, clusterName ); String configStr = config.toString(); context.getWebArchive().addAsWebInfResource( new StringAsset( configStr ), SHRIO_CONFIG_FILE_NAME ); }