You are viewing a plain text version of this content. The canonical link for it is here.

Posted to user@shiro.apache.org by burning_down <bh...@web-systeme.de> on 2012/11/21 15:23:35 UTC

Best practice for maintaining roles

Hello Shiro users,

I'm new to Shiro and I just created some test code for validating the usage
of Shiro in one of our projects. My basic realm implementation subclassing
JdbcRealm works fine for the basics, after I entered some test roles and
permissions. 

My question is: what would be a best practice for maintaining the roles and
permissions in the database? 
Just using an own implementation which inserts and updates the roles and
permissions tables? 
Or are there interfaces by Shiro or even manager classes which should be
used for this? (maybe because this would possibly update any Shiro caching
classes)

Bernhard



--
View this message in context: http://shiro-user.582556.n2.nabble.com/Best-practice-for-maintaining-roles-tp7577967.html
Sent from the Shiro User mailing list archive at Nabble.com.

Re: Best practice for maintaining roles

Posted by Les Hazlewood <lh...@apache.org>.

Hi Bernhard,

This is correct.  Because Shiro can integrate with many different data
stores, it could be very hard to impose a uniform write API for roles and
permissions since they can vary greatly across applications and data
stores.

You can write this information to your data store(s) of choice however you
wish and your Shiro Realm implementation should know how to translate those
app/datastore specific concepts to what Shiro understands (e.g.
AuthorizationInfo or AuthenticationInfo).

HTH,

--
Les Hazlewood | @lhazlewood
CTO, Stormpath | http://stormpath.com | @goStormpath | 888.391.5282
Stormpath wins GigaOM Structure Launchpad Award! http://bit.ly/MvZkMk

On Fri, Nov 23, 2012 at 4:11 AM, Bernhard Hirschmann <
bh.shiro@web-systeme.de> wrote:

> As far as I could find out, the maintaining application of the roles and
> permissions in the DB must be implemented outside Shiro and without any
> usage of Shiro classes.
>
> Please correct me if I'm wrong.
>
>
>
> --
> View this message in context:
> http://shiro-user.582556.n2.nabble.com/Best-practice-for-maintaining-roles-tp7577967p7577979.html
> Sent from the Shiro User mailing list archive at Nabble.com.
>

Re: Best practice for maintaining roles

Posted by Bernhard Hirschmann <bh...@web-systeme.de>.

As far as I could find out, the maintaining application of the roles and
permissions in the DB must be implemented outside Shiro and without any
usage of Shiro classes.

Please correct me if I'm wrong.



--
View this message in context: http://shiro-user.582556.n2.nabble.com/Best-practice-for-maintaining-roles-tp7577967p7577979.html
Sent from the Shiro User mailing list archive at Nabble.com.