Uploaded image for project: 'Shiro'
  1. Shiro
  2. SHIRO-331

The Spring ACL has a cool feature that allow you to evaluate any SpEL when doing Authorization check using annotation. This is a feature that allow doing the same with shiro.

    Details

      Description

      On Spring ACL you can annotate a function with something like this:

      @PreAuthorize("hasAnyRole('ROLE_SUPER_USER','ROLE_ SYSTEM_ADMIN') and hasPermission(#id, 'com.xyz.db.domain.impl.XyzConfigImpl', 'read')")

      Note the evaluation of a method, the use of logic operators, the ability t use the parameters passed to the method.
      This is a neccessary feature for doing any ACL like control check from an annotation because otherwise you're obliged to do the check your self from inside the method body.

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              exilire2vie DIALLO Mamadou BObo
            • Votes:
              3 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:

                Time Tracking

                Estimated:
                Original Estimate - 12h
                12h
                Remaining:
                Remaining Estimate - 12h
                12h
                Logged:
                Time Spent - Not Specified
                Not Specified