Hi Les, thanks !
On Thu, May 12, 2011 at 7:23 PM, Les Hazlewood <[email protected]> wrote: > Hi Manoj, > > Yep, Shiro does not dictate a security policy or domain model (on > purpose, as all apps are different). You can make these associations > however you like (permission to user, permission to role, perm to > group, etc). Ultimately your Realm implementation determines how > those associations are resolved. > > If your realm implementation subclasses AuthorizingRealm, you can > return an AuthorizationInfo instance from your doGetAuthorizationInfo > implementation and populate that instance however you want based on > your data model. > > HTH, > > Les > > On Thu, May 12, 2011 at 6:23 PM, Manoj Khangaonkar > <[email protected]> wrote: >> Hi, >> >> Does Shiro support assigning permissions directly to users ? ( not as roles >> ). >> >> such as >> user1 has permission document:read,write:doc1 >> user2 has permission document:read,write:doc2 >> >> Most examples assign roles to users and permission to roles. >> >> In looking at the implementation of Subject.isPermitted(String perm) >> and JdbcRealm.java, I am thinking this is possible. I can store the >> user - permission mapping in table and >> I would need to override the implementation of >> doGetAuthorizationInfo(Principal collection >> >> Am I right about this ? >> >> thanks >> >> Mj >> >> -- >> http://khangaonkar.blogspot.com/ > -- http://khangaonkar.blogspot.com/
