You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@isis.apache.org by "Dan Haywood (JIRA)" <ji...@apache.org> on 2014/05/24 15:48:01 UTC
[jira] [Resolved] (ISIS-775) ISIS-Shiro isPermitted issue
[ https://issues.apache.org/jira/browse/ISIS-775?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Dan Haywood resolved ISIS-775.
------------------------------
Resolution: Not a Problem
The user had a role mapped to * (wildcard access to everything).
> ISIS-Shiro isPermitted issue
> -----------------------------
>
> Key: ISIS-775
> URL: https://issues.apache.org/jira/browse/ISIS-775
> Project: Isis
> Issue Type: Bug
> Components: Security: Shiro
> Reporter: Ranganath Chittari
> Assignee: Dan Haywood
> Priority: Critical
> Attachments: Shiro-Permissions-Files.zip
>
>
> I want to use Apache-Shiro API methods in my code for some permissions check. But permission check is not working in ISIS-Shiro environment as it is based on class-based secyrity mechanism.
> For ex:
> in shiro.ini - I gave permission as below:
> site_role = BBY:0540
> In the code subject.isPermitted("BBY:541") also returning true.
> In non-ISIS environment, this security checking is working fine.
> Please help how to solve this issue.
> Please find attached files.
> Shiro version is 1.2.2 as this is coming via Isis-secuirty-shiro-1.3.0
--
This message was sent by Atlassian JIRA
(v6.2#6252)