I am reading the I expected that there will be such methods in the form of But it seems that I am not using this How do you support the concept of user group in multi-authentication applications? Do I have some 1.2 This is not a problem if you have only roles or you can use the name of your group, because the role of the call of the call (i.e. realm.hasRole (roleIdentifier, authzInfo) Role identifier '). If you have both roles and group concepts in your application, you probably will not be able to use the subject.hasRole easily to check both. If you want it as a feature, please do one. Two options for this, though you want it to work: Use one field to display both, and use the string used for identifying the group with a recognizable token, for example: Then your area can see if the prefix is, and if so, check one group, and if not, then check a role. These options aside, what many people do in this case the role and group investigation are completely ignored and instead the permission check in the code ( More powerful): Then you can see both the and topics of any group or roles to see its scope to see that it is allowed. If so, you do not need any group or role investigation because your code (potentially unstable and many) is based on permissions rather than the concept of group / roles. There are some good reasons, but if you feel otherwise and still represent any group in the Regards, LE shiro document and never found any sign that was
shiro < / Code> Supports user group concept at API level.
Subject.java in the form of getUserGroups , but it's not. For example, if I write some applications whose purpose is to work with multiple authentication systems, when the user creates some objects, then I want to make it visible to all users in groups of object creator, and this is an authentication provider In an agnostic way, using a few masks APIs like Shiro Topics
shiro api, is this correct?
UserGroupAwareSubject extensions? In the form of 1.2, the head does not have a group concept in its API - it has the notion of roles and permissions in the form of
topic. HasRole ("group: myGroupName");
isPermitted topic ("Document: 1234: Read");
topic API, please open a feature request.
No comments:
Post a Comment