I guess I still wasn't clear... My actual use case is complex so I will try to convey a new one.
- I have a list of pages: /mysite/a, /mysite/b, /mysite/c - user lprimak only has access to /mysite/a I want to have a web service, unauthenticated, for this example's sake, that will return a list containing one item (/mysite/a) when presented with a user lprimak and a list of pages stated above. I am assuming that this has to traverse all the filters and isn't at all trivial, hence why I am asking the question, or am I missing something? BTW I don't use Spring, and the example below is foreign to me. I use JEE Standard only + Shiro + Tapestry + Tapestry-Security I want to run a URL through the filter chain, without actually having an actual request from the user, and I want it to return whether it's authorized or not. Thanks again. On Jan 22, 2012, at 7:21 PM, jeffp wrote: > The other way is to define it within the filterChainDefinitions. You are > still doing essentially the same thing, but you're being explicit about the > URL or URL path. Either way you'll need a map of User to URL through some > mechanism. > > <bean id="shiroFilter" > class="org.apache.shiro.spring.web.ShiroFilterFactoryBean"> > <property name="securityManager" ref="securityManager"/> > <property name="loginUrl" value="/login.jsp"/> > <property name="filterChainDefinitions"> > <value> > /login.jsp = authc > /url/path/** = authc, perms[some-permission:view] > > > -- > View this message in context: > http://shiro-user.582556.n2.nabble.com/How-to-find-out-it-a-URL-is-authorized-tp7212711p7214512.html > Sent from the Shiro User mailing list archive at Nabble.com. >
