Personally, I always think of permissions the other way around. Assign the more general permissions to my users, and very specific permissions to my resources.
I also like to keep them right to left, generic to specific. My user could have "object:abc" (or "object:abc:*") and when attempting to access the permission i'd check for "object:abc:read" This doesn't fit everyone's use cases of course, and might not help with what you are trying to do On Fri, Mar 1, 2019 at 11:06 AM [email protected] <[email protected]> wrote: > No, that does not work. I wish it did, because it would cover my > situation. > > If my User has the permission "object:read:abc" > > and I do: SecurityUtils.getSubject().isPermitted("object:read"); > > the isPermitted(...) call returns "false". > > > > -- > Sent from: http://shiro-user.582556.n2.nabble.com/ >
