shiro-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Les Hazlewood <>
Subject Re: Shiro.ini multiple roles for one url
Date Tue, 20 Sep 2011 17:23:45 GMT
This is because the RolesAuthorizationFilter ('roles') performs 'and'
logic - it checks to see that all roles specified are associated with
the Subject.

If you need to check to see if any of the roles are associated (and
not all), you will need to create your own roles filter that supports
this.  You can use the existing roles filter as an example to base
your implementation on:

In the future, Shiro will likely support an authorization syntax that
allows defining boolean expressions so you can define the rules
yourself, but in the meantime, the above filter source code should get
you started.


Les Hazlewood
CTO, Katasoft | | 888.391.5282
twitter: @lhazlewood |
katasoft blog:
personal blog:

On Tue, Sep 20, 2011 at 3:14 AM, neocdtv <> wrote:
> Well I've tried this before, I can start the webapp, but it does really work,
> I can't access the role1ORrole2 area with any of the roles then.
> --
> View this message in context:
> Sent from the Shiro User mailing list archive at

View raw message