shiro-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Terefang Verigorn (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (SHIRO-492) Subject.getRoles() functionality
Date Mon, 06 Oct 2014 10:42:34 GMT

    [ https://issues.apache.org/jira/browse/SHIRO-492?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14160171#comment-14160171
] 

Terefang Verigorn commented on SHIRO-492:
-----------------------------------------

hello les,

my requirements are a little bit different.

i would like to resolve roles from an external backend based on the roles presented from the
authenticating realm with code like this:

{code}
	public AuthorizationInfo 
	doGetAuthorizationInfo(PrincipalCollection pc) 
	{
		AuthorizationInfo aI = authenticator.doGetAuthorizationInfo(pc);
		
		String userName = this.getAvailablePrincipal(pc).toString();
		
		SimpleAuthorizationInfo sAI = new SimpleAuthorizationInfo(new HashSet());

		Collection<String> groups = aI.getRoles();
		if(groupProvider!=null)
		{
			for(String group : groupProvider.resolveGroups(userName, groups))
			{
				groups.add(group);
				sAI.addRole(group);
			}
		}
		
		List<String> roles = new Vector();
		if(roleProvider!=null)
		{
			for(String role : roleProvider.resolveRoles(userName, groups))
			{
				roles.add(role);
				sAI.addRole(role);
			}
		}
		
		if(permissionProvider!=null)
		{
			for(Permission permission : permissionProvider.resolvePermissions(userName, roles))
			{
				sAI.addObjectPermission(permission);
			}
		}
		
		return sAI;
	}
{code}

> Subject.getRoles() functionality
> --------------------------------
>
>                 Key: SHIRO-492
>                 URL: https://issues.apache.org/jira/browse/SHIRO-492
>             Project: Shiro
>          Issue Type: Improvement
>          Components: Authorization (access control) 
>            Reporter: John Vines
>
> Currently shiro provides the ability to respond whether or not a user has a list of Authorizations.
However, while the realms have methods for getting all authorizations (protected), these are
not exposed in normal use to allow asking for all Roles. This should be exposed by adding
a call to Subject to getRoles, to complement it's existing hasRoles calls. This may require
making some of the calls around authorizations, like getAuthorizationInfo in AuthorizingRealm,
public. 



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message