Yeah...by documentation I meant the javadocs for the setPermissionsLookupEnabled method in the JdbcRealm class. At the very least I felt like there should be a mention of this setting in the class-level javadoc - I'm still not sure why this is off by default when I got every indication from the rest of the documentation that permissions are the preferred mechanism.
Thanks, Jared On 1/9/11 6:18 AM, "Bruce Phillips" <[email protected]> wrote: > > Jared - Thank you very much for the reply. I added > realmA.permissionsLookupEnabled=true to the [main] section of the > IniShiroFilter configuration and now permissions work in my example web > application. > > Where in the documentation did you find the information about setting > permissionsLookupEnabled to true? I did read through the documentation > before posting and didn't see any references to setting > permissionsLookupEnabled to true to enable permissions. > > I'm going to submit a Jira request to update the permissions part of the > document (http://shiro.apache.org/permissions.html) with this information. > > After reading your reply I dug into the API much deeper and in the source > code for JdbcRealm class is this: > > /** > 157 * Enables lookup of permissions during authorization. The > default is "false" - meaning that only roles > 158 * are associated with a user. Set this to true in order to > lookup roles and permissions. > 159 * > 160 * @param permissionsLookupEnabled true if permissions should be > looked up during authorization, or false if only > 161 * roles should be looked up. > 162 */ > 163 public void setPermissionsLookupEnabled(boolean > permissionsLookupEnabled) { > 164 this.permissionsLookupEnabled = permissionsLookupEnabled; > 165 } > > So as you mention in your reply besides setting the value of > permissionsLookupEnabled in the configuration section of IniShiroFilter in > web.xml you can call setPermissionsLookupEnabled(true) in the JdbcRealm > class. > > Thanks again for your reply. > > Bruce > > Bruce
