shiro-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "DIALLO Mamadou BObo (Commented) (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (SHIRO-331) The Spring ACL has a cool feature that allow you to evaluate any SpEL when doing Authorization check using annotation. This is a feature that allow doing the same with shiro.
Date Tue, 17 Jan 2012 22:25:40 GMT

    [ https://issues.apache.org/jira/browse/SHIRO-331?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13188074#comment-13188074
] 

DIALLO Mamadou BObo commented on SHIRO-331:
-------------------------------------------

I've seen this, but SpEl go far beyond this as you can do basically whatever you like to check
permissions.
And yes, it work with parameters name using ParameterNameDiscoverer of spring.

And there is many people out there that use shiro with spring so it won't add a dependency
in any case.
                
> The Spring ACL has a cool feature that allow you to evaluate any SpEL when doing Authorization
check using annotation. This is a feature that allow doing the same with shiro.
> ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
>
>                 Key: SHIRO-331
>                 URL: https://issues.apache.org/jira/browse/SHIRO-331
>             Project: Shiro
>          Issue Type: New Feature
>          Components: Authorization (access control) 
>    Affects Versions: 1.1.0
>            Reporter: DIALLO Mamadou BObo
>              Labels: Authorization, SpEl,, Spring
>   Original Estimate: 12h
>  Remaining Estimate: 12h
>
> On Spring ACL you can annotate a function with something like this:
> @PreAuthorize("hasAnyRole('ROLE_SUPER_USER','ROLE_ SYSTEM_ADMIN') and hasPermission(#id,
'com.xyz.db.domain.impl.XyzConfigImpl', 'read')")
> Note the evaluation of a method, the use of logic operators, the ability t use the parameters
passed to the method.
> This is a neccessary feature for doing any ACL like control check from an annotation
because otherwise you're obliged to do the check your self from inside the method body.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

Mime
View raw message