Adding roles and perms

classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

Adding roles and perms

Stephen Beaver
After much experimenting I have a working Wildly web app secured with Shiro. I authenticate agains an LDAP server, then refer to a local database to get the user's role and permissions.

Is there a way to add those roles to the logged in user so that I can then use Shiro tags (<shiro:hasPermission> et al)  in my JSP ?  Something like currentUser.putRole("admin"); for example?

Thanks,

Steve
--
Stephen Beaver

Reply | Threaded
Open this post in threaded view
|

Re: Adding roles and perms

armandoxxx
This post was updated on .
Yes .. every Authorizing Realm has doGetAuthorization() method ... just implement it ;)
Please note: it's called every time you call isPermitted !!! .. use cached ones .. or Implement your own cache stuff

@Override
  protected AuthorizationInfo invokeGetAuthorizationInfo(final CacheAuthContext cacheContext, final PrincipalCollection principalsColl) {
    List<String> shiroPermissions = ... do your LDAP or DB thingy here 
    List<String> roleNames = ... do your LDAP or DB thingy here 

    SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
    info.setRoles(roleNames);
    info.setObjectPermissions(shiroPermissions);
    return info;
  }

Regards

Armando
Reply | Threaded
Open this post in threaded view
|

Re: Adding roles and perms

Brian Demers
You can also extend the JDBC Realm, use its doGetAuthorization(), and write a noop for doGetAuthentication()

On Fri, Feb 3, 2017 at 3:22 AM, armandoxxx <[hidden email]> wrote:
Yes .. every Realm has doGetAuthorization() method ... just implement it ;)



Regards

Armando



--
View this message in context: http://shiro-user.582556.n2.nabble.com/Adding-roles-and-perms-tp7581493p7581494.html
Sent from the Shiro User mailing list archive at Nabble.com.

Reply | Threaded
Open this post in threaded view
|

Re: Adding roles and perms

cumibulat
This post has NOT been accepted by the mailing list yet.
In reply to this post by Stephen Beaver
hi,

i'm just having a task like you mention. i post in case you haven't figured it out how to accomplished it.

so i create a class that extends JndiLdapRealm class. then i follow this class https://github.com/apache/shiro/blob/master/core/src/main/java/org/apache/shiro/realm/jdbc/JdbcRealm.java

the only difference is, you don't need the saltStyle, authenticationQuery.
i think the JdbcRealm code is quite easy to understand. i use the datasource to get the Roles & Permission, make sure you also set the Roles & Permission query value from your shiro.ini file.

hope it helps.