Basically, you have to create a Realm that subclasses AuthorizingRealm. There are a few out-of-the-box implementations that already do this, including TextConfigurationRealm.
The main method which you'll need to focus on is doGetAuthorizationInfo. This method will be called whenever some action is performed which requires authorization. The method is given a collection of principals for the current user. You use these principals to look up the user's roles and permissions, and then store these roles and permissions in an object that implements the AuthorizationInfo interface (again, a few premade classes do this, such as SimpleAccount). Lastly, have the method return this object. Shiro will use it to determine whether a user is authorized to do something. On Mon, Oct 5, 2015 at 4:10 PM, armandoxxx <[email protected]> wrote: > it'a really simple .. all you have to do is load roles and permissions into > authorization info and return the class ... the problem with this is that > It's beeing called multiple times ... so cache loaded data ... > > Regards > > Armando > > > > -- > View this message in context: > http://shiro-user.582556.n2.nabble.com/Re-Realm-Authorization-tp7580800p7580802.html > Sent from the Shiro User mailing list archive at Nabble.com. >
