A really good solution. It has always bugged me that I didn't have a good solution to this problem.
Thanks Dan! I previously resorted to encoding the access control via "visibleXxx" and "disabledXxxx" domain methods, but, as you can predict, this requires uploading a new domain binary every time the access control rules are updated. Are the Shiro-enforced rules understood by the junit viewer ? I currently have domain tests that check that role rules are enforced (user A logs in and gets role Z, can / can not execute action Xxxx). Regards, Kevin On 23 Jun 2013 at 9:16, Dan Haywood wrote: > Hi James, > What you need to do for this requirement is to configure Shiro to use > database tables, using its JdbcRealm or similar [1], [2], [3] > > Then, model these concepts as entities within Isis, such that (when using > our JDO objectstore) that they map onto these tables. > > You'll then be able to configure access to your regular entities (ToDoItem > or whatever) through Isis itself. > > I can see this being a useful "off-the-shelf" component that others might > want to use, so you might want to do this as a little independent project > in github or similar. (Getting ahead of myself... some day it might also > be good to incorporate within Isis itself) > > HTH > Dan > > [1] > http://shiro.apache.org/static/1.2.1/apidocs/org/apache/shiro/realm/jdbc/JdbcRealm.html > [2] http://blog.pinateknoloji.com/shiro-jdbc-realm > [3] http://java.dzone.com/articles/java-web-application-security-1 > > > On 23 June 2013 08:36, james agada wrote: > > > No I am not building an Identity management system. I will take your advice > > though. I will use pwm to manage users but then how will I be able to use > > that in the domain model? When a user logs in, I want him to have access to > > some data only. In the ToDo application this is achieved with the ownedby > > property but I want to go beyond that and have the owned by to be an entity > > to which I can assign users. I can model the entity but I cannot get list > > of users from Isis. > > > > Sent from my iPhone > > > > ------------------------------ > > > > I have read those. What I want to do is provide a UI to create users and > > assign roles. I also want to associate users with objects for instance I > > want to have a department object that refers to a user object as the > > manager of the department. > > > > Sent from my iPad > > > > On Jun 22, 2013, at 2:09 PM, Jeroen van der Wal > > wrote: > > > > > Isis uses Apache Shiro for authentication and authorization You can > > > find further details in the documentation [1] > > > > > > [1] http://isis.apache.org/components/security/shiro/about.html > > > > > > On Fri, Jun 21, 2013 at 11:54 PM, Okwui wrote: > > >> How do I implement a user management system?
