Hi Al, Moataz is correct - you can't use the Shiro API to directly add permissions, roles, groups or mappings thereof because that requires intimate knowledge of your application's data model, which Shiro can't possibly know.
A fairly common solution is to have something like a UserManager/UserService (or similar) that performs these additions/associations and then have your Realm use that same service when doing the lookups for authentication and authorization. HTH, Les On Tue, Nov 17, 2009 at 8:01 AM, Moataz Elmasry <[email protected]> wrote: > Adding/deleting permissions to my understanding would mean changing the > contents of the realm (properties file, database, etc...). > shiro only offers a general use realm, but nothign specific, since shiro > can't forsee what structure your realm have. > So my answer to your question would be: you can't add permissions > programatically only with shiro, you'll need to extend your own realm and > add your add/delete functions. > > Hope this helps > Moataz > > > aloleary wrote: >> >> Hello, Simple question really - what is the best approach for adding >> permissions >> (wildcard is perfect) at runtime ? >> >> I need to programatically setup a users permissions. >> >> Any tips/hints appreciated >> >> thanks >> -A- >> > >
