Roles are working but having no success with Permissions

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

Roles are working but having no success with Permissions

apowell

I am able to successfully use the jsp tag hasAnyRoles, but when I try to use hasPermission it appears that upon initialization that information is not being gathered. Is there something that I am missing? Any help would be appreciated.

 

 

 

shiro.ini

==============================

[main]

shiro.loginUrl = /login.jsp



cacheManager = org.apache.shiro.cache.MemoryConstrainedCacheManager
securityManager.cacheManager = $cacheManager

ds = com.project.util.MYSQLDataSource
jdbcRealm = org.apache.shiro.realm.jdbc.JdbcRealm
jdbcRealm.permissionsLookupEnabled = true
jdbcRealm.dataSource=$ds
jdbcRealm.authenticationQuery = SELECT password from users where username = ?
jdbcRealm.userRolesQuery = SELECT role_name FROM user_roles WHERE username = ?
jdbcRealm.permissionsQuery = SELECT permission FROM roles_permissions WHERE role_name = ?
jdbcRealmCredentialsMatcher = org.apache.shiro.authc.credential.Sha256CredentialsMatcher
jdbcRealm.credentialsMatcher = $jdbcRealmCredentialsMatcher



securityManager.realm = $jdbcRealm



[urls]
/login.jsp = authc
/logout = logout
/* = authc

 

 

Variations of roles and permission queries:

#jdbcRealm.userRolesQuery = SELECT role_name FROM user_roles WHERE username = (SELECT username FROM users WHERE username = ?)

#jdbcRealm.permissionsQuery = SELECT permission FROM roles_permissions WHERE UPPER(role_name) = UPPER(?)

 

 

jsp snippet

=====================


<
shiro:hasPermission name="entries:manage">
<button type="submit" id="clearEntries" name="clearEntries" class="btn btn-sm" style="color: #fff!important; background-color: #28A8FF!important; text-transform: uppercase!important; letter-spacing: 1px!important; padding: 10px 20px!important; border: 1px solid #28A8FF!important;">
    Remove Checked
</
button>
</
shiro:hasPermission>
 
 
 
StackOverflow References:
 
https://stackoverflow.com/questions/37534017/configure-apache-shiro-permissions

 



--
Andre


Reply | Threaded
Open this post in threaded view
|

Re: Roles are working but having no success with Permissions

Brian Demers
Looks like this was solved on StackOverflow?
Thanks for including the question link!

On Tue, Apr 24, 2018 at 10:41 AM, Andre Powell <[hidden email]> wrote:

I am able to successfully use the jsp tag hasAnyRoles, but when I try to use hasPermission it appears that upon initialization that information is not being gathered. Is there something that I am missing? Any help would be appreciated.

 

 

 

shiro.ini

==============================

[main]

shiro.loginUrl = /login.jsp



cacheManager = org.apache.shiro.cache.MemoryConstrainedCacheManager
securityManager.cacheManager = $cacheManager

ds = com.project.util.MYSQLDataSource
jdbcRealm = org.apache.shiro.realm.jdbc.JdbcRealm
jdbcRealm.permissionsLookupEnabled = true
jdbcRealm.dataSource=$ds
jdbcRealm.authenticationQuery = SELECT password from users where username = ?
jdbcRealm.userRolesQuery = SELECT role_name FROM user_roles WHERE username = ?
jdbcRealm.permissionsQuery = SELECT permission FROM roles_permissions WHERE role_name = ?
jdbcRealmCredentialsMatcher = org.apache.shiro.authc.credential.Sha256CredentialsMatcher
jdbcRealm.credentialsMatcher = $jdbcRealmCredentialsMatcher



securityManager.realm = $jdbcRealm



[urls]
/login.jsp = authc
/logout = logout
/* = authc

 

 

Variations of roles and permission queries:

#jdbcRealm.userRolesQuery = SELECT role_name FROM user_roles WHERE username = (SELECT username FROM users WHERE username = ?)

#jdbcRealm.permissionsQuery = SELECT permission FROM roles_permissions WHERE UPPER(role_name) = UPPER(?)

 

 

jsp snippet

=====================


<
shiro:hasPermission name="entries:manage">
<button type="submit" id="clearEntries" name="clearEntries" class="btn btn-sm" style="color: #fff!important; background-color: #28A8FF!important; text-transform: uppercase!important; letter-spacing: 1px!important; padding: 10px 20px!important; border: 1px solid #28A8FF!important;">
    Remove Checked
</
button>
</
shiro:hasPermission>
 
 
 
StackOverflow References:
 
https://stackoverflow.com/questions/37534017/configure-apache-shiro-permissions

 



--
Andre



Reply | Threaded
Open this post in threaded view
|

Re: Roles are working but having no success with Permissions

apowell
In reply to this post by apowell
Kind of, I had to make a change to my db to have the following format for each permission:

id | role | permission

For some unknown (probably code blind) reason I had the permissions in one column.

And FWIW shiro has saved me a lot of time in my project.

All the best,

--
Andre
Looks like this was solved on StackOverflow?
Thanks for including the question link!

On Tue, Apr 24, 2018 at 10:41 AM, Andre Powell <[hidden email]> wrote:

I am able to successfully use the jsp tag hasAnyRoles, but when I try to use hasPermission it appears that upon initialization that information is not being gathered. Is there something that I am missing? Any help would be appreciated.

 

 

 

shiro.ini

==============================

[main]

shiro.loginUrl = /login.jsp



cacheManager = org.apache.shiro.cache.MemoryConstrainedCacheManager
securityManager.cacheManager = $cacheManager

ds = com.project.util.MYSQLDataSource
jdbcRealm = org.apache.shiro.realm.jdbc.JdbcRealm
jdbcRealm.permissionsLookupEnabled = true
jdbcRealm.dataSource=$ds
jdbcRealm.authenticationQuery = SELECT password from users where username = ?
jdbcRealm.userRolesQuery = SELECT role_name FROM user_roles WHERE username = ?
jdbcRealm.permissionsQuery = SELECT permission FROM roles_permissions WHERE role_name = ?
jdbcRealmCredentialsMatcher = org.apache.shiro.authc.credential.Sha256CredentialsMatcher
jdbcRealm.credentialsMatcher = $jdbcRealmCredentialsMatcher



securityManager.realm = $jdbcRealm



[urls]
/login.jsp = authc
/logout = logout
/* = authc

 

 

Variations of roles and permission queries:

#jdbcRealm.userRolesQuery = SELECT role_name FROM user_roles WHERE username = (SELECT username FROM users WHERE username = ?)

#jdbcRealm.permissionsQuery = SELECT permission FROM roles_permissions WHERE UPPER(role_name) = UPPER(?)

 

 

jsp snippet

=====================


<
shiro:hasPermission name="entries:manage">
<button type="submit" id="clearEntries" name="clearEntries" class="btn btn-sm" style="color: #fff!important; background-color: #28A8FF!important; text-transform: uppercase!important; letter-spacing: 1px!important; padding: 10px 20px!important; border: 1px solid #28A8FF!important;">
    Remove Checked
</
button>
</
shiro:hasPermission>
 
 
 
StackOverflow References:
 
https://stackoverflow.com/questions/37534017/configure-apache-shiro-permissions

 



-- 
Andre