Hello All - I got these guidelines 1 to 4 from a post reply by Les.
1) A Role is a named Set of permissons A : Got that, I have created Roles and assigned group of string permissions to these Roles. 2) A User 'has' a Set of one or more Roles A : Got that, I have assigned Roles to the users and all works super. I have configured this in the INI JDBC Realm as default. query.jdbcRealm.permissionsQuery = select permission from roles_permissions where role_name = ? 3) A User 'has' a Set of permissions for that-user-only permissions (not shared with anyone else - otherwise they'd go in a Role) Question: Now where and how do I assign a separate string permissions to a specific user outside the Role permissions and how do I include these in the INI for Shiro to be aware of these seperate permissions? 4) A Group is a named Set of 'Party' objects (a User is a Party and a Group is a Party - allowing for instances of both to exist in hierarchical Party trees) Question: This is I think similar to #3 above, objects permissions to a specif user. How is Shiro aware of these? Or is it a separate implementation within the application that one has to model and handle outside of Shiro.? Thanks in advance. -Rodrigues -- View this message in context: http://shiro-user.582556.n2.nabble.com/User-specific-permission-strings-tp7579621.html Sent from the Shiro User mailing list archive at Nabble.com.
