Thanks. What is the Shiro API object that such a persisted URL filter would map to?
Jason Holmberg ECOCEAN Whale Shark Photo-identification Library http://www.whaleshark.org Please consider adopting a shark to support our mission: http://www.whaleshark.org/adoptashark.jsp On Thu, May 23, 2013 at 6:38 AM, Poitras Christian < [email protected]> wrote: > Hi,**** > > ** ** > > I think your best option is to store the URL security in the database and > have a request filter validate user’s role dynamically.**** > > ** ** > > Christian**** > > ** ** > > *De :* Jason Holmberg [mailto:[email protected]] > *Envoyé :* May-22-13 6:27 PM > *À :* [email protected] > *Objet :* Securing URLs in a J2EE web application**** > > ** ** > > Hi Everyone,**** > > ** ** > > So far I have beena susccessful SHiro newbie, adding basic user and role > mgmt. into my open source project for wildlife research:**** > > ** ** > > https://github.com/holmbergius/Shepherd-Project**** > > ** ** > > However, most of my users (biologists) will not be comfortable adjusting > and managing URL-based security in web.xml with the Shiro filter. **** > > ** ** > > What is the best way for me to develop URL-based mgmt. as a UI function > with Shiro? Is it simply a matter of moving to shiro.ini and dynamically > re-writing the URL entries based on choices made by the user in my GUI, or > should I create persistent mappings through the Shiro API?**** > > ** ** > > Any advice would help!**** > > ** ** > > ** ** > > Cheers, > **** > > Jason Holmberg > ECOCEAN Whale Shark Photo-identification Library > http://www.whaleshark.org > > Please consider adopting a shark to support our mission: > http://www.whaleshark.org/adoptashark.jsp**** >
