Hey Brian! The example was a bit of a simple example. I've decided to bite the bullet and create a roles to permissions mapping in my application, to be honest it is probably for the best in the long term.
I had been delaying this issue, but honestly some application code is looking a lot saner now that I've bit the bullet. Thanks! Rob On Mon, Jun 5, 2017 at 11:01 AM, Brian Demers <[email protected]> wrote: > There is a related issue open: https://issues.apache. > org/jira/browse/SHIRO-314 > Take a look at that one if you want to comment/add anything. > > Though the way I typically recommend solving this type of problem is with > permissions. > > In this case say we define a 'staff:read' and assign it do your path: > /staff/** = perms["staff:read"] > > Then you could add this permission to your roles > staff = staff:read > qa = staff:* > admin = * > > Any of these roles would be allowed access to your /staff/** resources > > see: https://shiro.apache.org/web.html#web-ini-configuration > > > Does that help? > -Brian > > > On Sun, Jun 4, 2017 at 8:49 AM, Rob Young <[email protected]> wrote: > >> Hi there, >> >> In the web section of shiro.ini, I'd love to be able to do something like: >> >> /staff/** = roles[staff] OR roles[qa] >> >> I realize this isn't really the shiro way of doing things but it would >> sure be handy for some features I'm working on. Is there a way to do this >> in the shiro.ini DSL? >> >> Thanks, >> Rob >> > >
