The Spring ACL has a cool feature that allow you to evaluate any SpEL when
doing Authorization check using annotation. This is a feature that allow doing
the same with shiro.
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Key: SHIRO-331
URL: https://issues.apache.org/jira/browse/SHIRO-331
Project: Shiro
Issue Type: New Feature
Components: Authorization (access control)
Affects Versions: 1.1.0
Reporter: DIALLO Mamadou BObo
On Spring ACL you can annotate a function with something like this:
@PreAuthorize("hasAnyRole('ROLE_SUPER_USER','ROLE_ SYSTEM_ADMIN') and
hasPermission(#id, 'com.xyz.db.domain.impl.XyzConfigImpl', 'read')")
Note the evaluation of a method, the use of logic operators, the ability t use
the parameters passed to the method.
This is a neccessary feature for doing any ACL like control check from an
annotation because otherwise you're obliged to do the check your self from
inside the method body.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
