You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@shiro.apache.org by vemu <kv...@outlook.com> on 2015/09/14 16:13:17 UTC
How to implement Dynamic roles and permissions in apache shiro
Hi,
Question 1 )
I have a web app and having multiple roles and users. I have a scenario
where say User A has a Custom role to only view. Now I would like to
dynamically change at runtime the User A's ability to do both read and write
access.
Question 2 )
Apache Shiro provides JSP authorization tags but I'm using JSF in my
application. How can I use these tags in .xhtml files to accomplish this
authorization.
How can I accomplish these scenarios in Apache Shiro.
Regards,
Vemu.
--
View this message in context: http://shiro-user.582556.n2.nabble.com/How-to-implement-Dynamic-roles-and-permissions-in-apache-shiro-tp7580743.html
Sent from the Shiro User mailing list archive at Nabble.com.
Re: How to implement Dynamic roles and permissions in apache shiro
Posted by scSynergy <ro...@scsynergy.de>.
1. Your realm reads its users, roles and permissions from some backend system
(e. g. database). So user A would have a role R which has the VIEW
permission. Now, all you need do is change the permission of role R from
VIEW to READ and WRITE inside the database. This change will only take
effect once the cache is either flushed explicitly
(https://shiro.apache.org/static/1.2.3/apidocs/) or implicitly because the
user logs in anew.
2.
You cannot use JSP tags in JSF. A short google search brought this up :
https://github.com/deluan/shiro-faces
I use the following pattern in my JSF / CDI application:
code in facelet:
disabled="#{!compendium.isPermitted('base:write:name')}"
code in compendium backing bean:
public boolean isPermitted(String permission) {
return subject.isPermitted(permission);
}
--
View this message in context: http://shiro-user.582556.n2.nabble.com/How-to-implement-Dynamic-roles-and-permissions-in-apache-shiro-tp7580743p7580756.html
Sent from the Shiro User mailing list archive at Nabble.com.
Re: How to implement Dynamic roles and permissions in apache shiro
Posted by Brian Demers <br...@gmail.com>.
A realm implementation should work the same in a unit tests as in a webapp.
You just need to update whatever is backing your realm (LDAP, DB, config
file, hash in memory, etc). Depending on how your application and realms
are configure you may need to flush caches after doing this (or user
re-login, depending on your requirements)
On Tue, Sep 22, 2015 at 5:25 AM, vemu <kv...@outlook.com> wrote:
> Thanks Tamas,
> I wanted to look at more in terms of a sample web
> application. The one you have is more sort of in Junit.
> Rgds,
> Vemu.
>
>
>
> --
> View this message in context:
> http://shiro-user.582556.n2.nabble.com/How-to-implement-Dynamic-roles-and-permissions-in-apache-shiro-tp7580743p7580782.html
> Sent from the Shiro User mailing list archive at Nabble.com.
>
Re: How to implement Dynamic roles and permissions in apache shiro
Posted by vemu <kv...@outlook.com>.
Thanks Tamas,
I wanted to look at more in terms of a sample web
application. The one you have is more sort of in Junit.
Rgds,
Vemu.
--
View this message in context: http://shiro-user.582556.n2.nabble.com/How-to-implement-Dynamic-roles-and-permissions-in-apache-shiro-tp7580743p7580782.html
Sent from the Shiro User mailing list archive at Nabble.com.
Re: How to implement Dynamic roles and permissions in apache shiro
Posted by Tamás Cservenák <ta...@cservenak.net>.
Hi there,
there is something similar done in here:
https://github.com/cstamas/shiro-extras
(actually look for forked reposes, as users like obiba and Philippe did a
great deal of advancing the idea: https://github.com/obiba/shiro-extras)
Have fun!
On Tue, Sep 15, 2015 at 11:09 AM vemu <kv...@outlook.com> wrote:
> Thanks Guys
>
> It would be great if you could point me to a sample web app in github for a
> dynamic roles/permissions implementation so that I could take a look at
> complete code.
>
> I'm going to JSF 2.2 , Apache shiro 1.2.4 , Primefaces 5.2 along with
> Spring
> boot in my project
>
> I did take a look at shiro-facelets and had a concern if it would support
> for the latest version of JSF 2.2 or else it would need to me to build
> custom tags for JSF.
>
>
>
> --
> View this message in context:
> http://shiro-user.582556.n2.nabble.com/How-to-implement-Dynamic-roles-and-permissions-in-apache-shiro-tp7580743p7580757.html
> Sent from the Shiro User mailing list archive at Nabble.com.
>
Re: How to implement Dynamic roles and permissions in apache shiro
Posted by vemu <kv...@outlook.com>.
Thanks Guys
It would be great if you could point me to a sample web app in github for a
dynamic roles/permissions implementation so that I could take a look at
complete code.
I'm going to JSF 2.2 , Apache shiro 1.2.4 , Primefaces 5.2 along with Spring
boot in my project
I did take a look at shiro-facelets and had a concern if it would support
for the latest version of JSF 2.2 or else it would need to me to build
custom tags for JSF.
--
View this message in context: http://shiro-user.582556.n2.nabble.com/How-to-implement-Dynamic-roles-and-permissions-in-apache-shiro-tp7580743p7580757.html
Sent from the Shiro User mailing list archive at Nabble.com.
Re: How to implement Dynamic roles and permissions in apache shiro
Posted by Brian Demers <br...@gmail.com>.
1.) You should be able to change whatever is backing your realm to update
your User / Role permissions.
On Mon, Sep 14, 2015 at 10:13 AM, vemu <kv...@outlook.com> wrote:
> Hi,
> Question 1 )
> I have a web app and having multiple roles and users. I have a scenario
> where say User A has a Custom role to only view. Now I would like to
> dynamically change at runtime the User A's ability to do both read and
> write
> access.
>
> Question 2 )
> Apache Shiro provides JSP authorization tags but I'm using JSF in my
> application. How can I use these tags in .xhtml files to accomplish this
> authorization.
>
> How can I accomplish these scenarios in Apache Shiro.
>
> Regards,
> Vemu.
>
>
>
> --
> View this message in context:
> http://shiro-user.582556.n2.nabble.com/How-to-implement-Dynamic-roles-and-permissions-in-apache-shiro-tp7580743.html
> Sent from the Shiro User mailing list archive at Nabble.com.
>