Jared - Thank you very much for the reply. I added realmA.permissionsLookupEnabled=true to the [main] section of the IniShiroFilter configuration and now permissions work in my example web application.
Where in the documentation did you find the information about setting permissionsLookupEnabled to true? I did read through the documentation before posting and didn't see any references to setting permissionsLookupEnabled to true to enable permissions. I'm going to submit a Jira request to update the permissions part of the document (http://shiro.apache.org/permissions.html) with this information. After reading your reply I dug into the API much deeper and in the source code for JdbcRealm class is this: /** 157 * Enables lookup of permissions during authorization. The default is "false" - meaning that only roles 158 * are associated with a user. Set this to true in order to lookup roles and permissions. 159 * 160 * @param permissionsLookupEnabled true if permissions should be looked up during authorization, or false if only 161 * roles should be looked up. 162 */ 163 public void setPermissionsLookupEnabled(boolean permissionsLookupEnabled) { 164 this.permissionsLookupEnabled = permissionsLookupEnabled; 165 } So as you mention in your reply besides setting the value of permissionsLookupEnabled in the configuration section of IniShiroFilter in web.xml you can call setPermissionsLookupEnabled(true) in the JdbcRealm class. Thanks again for your reply. Bruce Bruce -- View this message in context: http://shiro-user.582556.n2.nabble.com/Upgraded-From-JSecurity-0-9-To-Shiro-1-1-0-Permissions-No-Longer-Work-tp5903710p5904264.html Sent from the Shiro User mailing list archive at Nabble.com.
