[
https://issues.apache.org/jira/browse/ISIS-775?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Dan Haywood resolved ISIS-775.
------------------------------
Resolution: Not a Problem
The user had a role mapped to * (wildcard access to everything).
> ISIS-Shiro isPermitted issue
> -----------------------------
>
> Key: ISIS-775
> URL: https://issues.apache.org/jira/browse/ISIS-775
> Project: Isis
> Issue Type: Bug
> Components: Security: Shiro
> Reporter: Ranganath Chittari
> Assignee: Dan Haywood
> Priority: Critical
> Attachments: Shiro-Permissions-Files.zip
>
>
> I want to use Apache-Shiro API methods in my code for some permissions check.
> But permission check is not working in ISIS-Shiro environment as it is based
> on class-based secyrity mechanism.
> For ex:
> in shiro.ini - I gave permission as below:
> site_role = BBY:0540
> In the code subject.isPermitted("BBY:541") also returning true.
> In non-ISIS environment, this security checking is working fine.
> Please help how to solve this issue.
> Please find attached files.
> Shiro version is 1.2.2 as this is coming via Isis-secuirty-shiro-1.3.0
--
This message was sent by Atlassian JIRA
(v6.2#6252)
