I've now added this to the website [1]. Thanks once more
Dan [1] http://isis.apache.org/components/security/shiro/shiro-realm-mappings.html On 8 July 2013 23:21, Dan Haywood <[email protected]> wrote: > Thanks for looking into this further, David. > > I'll add a page to our website to describe this "feature". > > Cheers > Dan > > > > On 8 July 2013 23:17, David Tildesley <[email protected]> wrote: > >> This is a Shiro "feature" and the only solution to this is to use '\' to >> separate the mappings onto separate lines in the file so that it is at >> least maintainable. Use this technique for both group to roles mapping and >> role to permission mapping. If you use the '\' after the "," that separates >> the key:value pairs it is more readable. >> >> N.B. you can't use a [roles] section because that triggers Shiro to use >> the simple "INI" realm and not your defined realm (in most cases you are >> going to use an LDAP realm in an enterprise environment and the "simple" >> realm in Shiro isn't much use beyond prototyping work). >> >> David. >> >> >> >> ________________________________ >> From: David Tildesley <[email protected]> >> To: "[email protected]" <[email protected]> >> Sent: Monday, 8 July 2013 8:32 PM >> Subject: ISIS/Shiro security mappings. >> >> >> >> >> I've been playing around with the role based permission mapping. >> >> I've noticed that you can have only one of these entries per realm: >> >> >> realm.groupToRolesMappings = ... >> >> and >> >> realm.roleToPermissionsMappings = ... >> >> Which forces you to put everything on one line for each of the above (is >> there some limit to the size of this line?) which makes it very difficult >> to maintain. >> >> If you repeat the entries above then it's "last one wins". >> >> Have I got this right? >> >> If so, could be an improvement to allow the mappings to spread over >> multiple entries? >> >> i.e. >> >> >> realm.roleToPermissionsMappings = ... >> realm.roleToPermissionsMappings = ... >> realm.roleToPermissionsMappings = ... >> realm.roleToPermissionsMappings = ... >> realm.roleToPermissionsMappings = ... >> >> Regards, >> David. >> > >
