Hi, I think your best option is to store the URL security in the database and have a request filter validate user's role dynamically.
Christian De : Jason Holmberg [mailto:[email protected]] Envoyé : May-22-13 6:27 PM À : [email protected] Objet : Securing URLs in a J2EE web application Hi Everyone, So far I have beena susccessful SHiro newbie, adding basic user and role mgmt. into my open source project for wildlife research: https://github.com/holmbergius/Shepherd-Project However, most of my users (biologists) will not be comfortable adjusting and managing URL-based security in web.xml with the Shiro filter. What is the best way for me to develop URL-based mgmt. as a UI function with Shiro? Is it simply a matter of moving to shiro.ini and dynamically re-writing the URL entries based on choices made by the user in my GUI, or should I create persistent mappings through the Shiro API? Any advice would help! Cheers, Jason Holmberg ECOCEAN Whale Shark Photo-identification Library http://www.whaleshark.org Please consider adopting a shark to support our mission: http://www.whaleshark.org/adoptashark.jsp
