shiro-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Brian Demers <brian.dem...@gmail.com>
Subject Re: A question about Shiro's capabilities
Date Tue, 03 Mar 2015 20:37:45 GMT
Agreed, use roles as a collection of permissions.

On Tue, Mar 3, 2015 at 2:01 PM, Christian Wolfe <taidan19@gmail.com> wrote:

> It sounds like one possible solution would be to create a role (with
> assigned permissions) for each resource group, and then write your Shiro
> Realm such that it determines which groups any given user is in. For
> example, you'd have to look at what site the user is at, and then determine
> which if any roles the user should be given. The only trick is that you
> would have to perform these checks for every single kind of resource group
> you'd like to  support.
>
> On Tue, Mar 3, 2015 at 9:41 AM, Raghuram Devarakonda <draghuram@gmail.com>
> wrote:
>
>>
>> On Mon, Mar 2, 2015 at 11:54 AM, Brian Demers <brian.demers@gmail.com>
>> wrote:
>>
>>> I guess I don't know what you mean by a resource group?  Can you give an
>>> example ?
>>>
>>> If I had a group of similar resources, I would assign them similar named
>>> permissions, (similar to the printer example in the link below)
>>>
>>
>>
>> By resource group, I mean group of resources that don't necessarily of
>> the same type. For example, a company may create a resource group of
>> various types of resources belonging to a particular site and give
>> permissions on that group to users at that site.
>>
>> Thanks,
>> Raghu
>>
>
>

Mime
View raw message