It's been a while but I think you are correct about how Shiro works. I
would use a role to solve this. You can make a role like "maintainer" and
assign that role to anyone that can maintain objects. Then you can protect
any pages after the url /maintain
On Wednesday, April 19, 2017, Robin Garner
I've just about finished adding my first feature that uses object
permissions to a tapestry app (tapestry-security 0.5.1, tapestry 5.3.8).
Users are given permissions to the objects they are allowed to
maintain, when they go to the new page, only the objects they have
permission to maintain ap
on("/signup",
> "anon"));
> configuration.add("signin-anon", new FilterChainDefinition("/signin",
> "anon"));
> }
>
> *
> shiro-users.properties*
> //I really don't know what to write here
> u
nfiguration.add("signup-anon", new FilterChainDefinition("/signup",
"anon"));
configuration.add("signin-anon", new FilterChainDefinition("/signin",
"anon"));
}
*
shiro-users.properties*
//I really don't know what to write here
user.localus
Alejandro,
Would you mind posting your Realm implementation?
I tried just providing a CacheManager to the constructor for
AuthorizingRealm but there must be something else missing as i still
have 2 problems:
1. The SimpleAccount is not being cached after the credentials have been
checked (i
Hi Paul
The AuthorizingRealm constructor can take a CacheManager as a parameter.
In our case we use the EhCacheManager.
That's all you need!
Cheers.
Alejandro
On Fri, Nov 19, 2010 at 12:58 AM, Paul Stanton wrote:
> Kalle,
>
> I'm think I'm making progress however I haven't found a good guide
Kalle,
I'm think I'm making progress however I haven't found a good guide to
confirm I'm on the right track.
I have a persistent User entity (db+hibernate). The user has multiple
roles. I only really want to use the RequiresRoles annotation on pages
(and some methods) at this point.
So wha
