Grails Shiro plugin : confirming my understanding
Posted
by bsreekanth
on Stack Overflow
See other posts from Stack Overflow
or by bsreekanth
Published on 2010-05-03T05:10:31Z
Indexed on
2010/05/03
5:18 UTC
Read the original article
Hit count: 573
I'm bit vague about how to start using the shiro plugin, after reading few documents. I decided against Nimble, as it comes with few tables and UI plugins.
I setup shiro plugin with wildcard realm, with my own tables. I may use permission based (rather tan role based) access control as it scales well. Now, the steps for it.
- assign the permission string to the subject, and save it in the db
- check the permission through isPermitted, hasPermission (or relevant tags in GSP).
Now,
1. when to use the accesscontrol through filter?
2. is there a closure injected into the controller where I can define the permission for the actions in it?
3. How do I create a typical access control scenario like only the creator of (something, a post etc) can delete it?
thanks a lot.. Babu.
© Stack Overflow or respective owner