Reputation: 417
Store Permissions for Apache Shiro
I'm starting with the framework Apache Shiro, I felt great and very flexible. Within an application we want to control permissions for certain parts of the web with jsp tags for "shiro: hasPermission".
Shiro I understand that things like this can tell Module4:action1, but for more complex scenarios as module1-> module1.1-> action3 not think of a structure to store this in the database.
Depending on the model of our application suggestion What I do to store the permissions on the database, What tables could use?.
Thanks In Advance
Upvotes: 3
Views: 769
Answers (1)
Reputation: 19547
Shiro's default WildcardPermission syntax can handle arbitrary numbers of : delimited tokens. You could get by on something as easy as defining your permissions as follows:
module1:module1.1:action3
etc.
This means you only need an association table, e.g. account_permissions that has an account_id and a permission string.
Upvotes: 3
Related Questions
- Apache Shiro Permissions: How to implement any of permission check
- Apache Shiro roles and permissions not working
- Different Permissions in Apache Shiro for every User?
- Configure Apache Shiro Permissions
- Permission control using apache shiro
- Use Apache Shiro to restrict operation based on owner or admin role
- Web-Application Security with Apache Shiro Configuration Problems
- Shiro 'Any' Permission Instance
- Apache shiro implied permissions
- Instance level access control in Apache Shiro