Hi Jason, What do you mean by 'configure permissions' exactly? Typically permission checks in standalone applications are done by explicitly checking (subject.isPermitted(blah)) or using Shiro's @RequiresPermissions annotation.
Regards, Les On Thu, Jan 21, 2010 at 8:13 PM, Jason Eacott <[email protected]> wrote: > thanks! > now how do I configure permissions etc in spring for a standalone app? > > > Les Hazlewood wrote: >> >> The upcoming Shiro 1.0 release will have improved Spring application >> support, especially for Spring web applications. >> >> In Shiro-enabled Spring web apps today, there was often a hybrid >> configuration - you would usually define an INI-based Shiro Filter in >> web.xml and configure it via INI mechanisms. But often you would >> configure the SecurityManager and its dependencies (Realms, etc) in >> applicationContext.xml. In Shiro 1.0, you will be able to configure >> all of Shiro in your Spring files and only touch web.xml only when >> setting up Shiro for the first time. >> >> There are many benefits for Spring users when configuring Shiro >> entirely in Spring instead of in web.xml: >> >> 1) Shiro configuration can live along side where you configure the >> rest of your application - no need to flip back between web.xml and >> spring files when making configuration changes. >> 2) Shiro configuration can leverage Spring-specific configuration >> benefits, such as PropertyPlaceholderConfigurer for properties based >> configuration at startup, spring-managed lifecycles (init-method, >> destroy-method), circular dependency checks, and more. >> 3) Custom javax.servlet.Filters that you could use in Shiro's powerful >> url-pattern-based filter chain definitions can also be defined in >> Spring and acquired automatically at startup. >> >> The current documentation for all of this is located here: >> >> http://cwiki.apache.org/confluence/display/SHIRO/Spring >> >> Please feel free to review and offer suggestions/improvements. The >> mechanisms documented (using Spring's DelegatingFilterProxy and the >> new ShiroFilterFactoryBean) have been tested and the two spring web >> sample applications have been updated to use this approach. >> >> Early adopters are encouraged to use this newer support before 1.0 is >> released as there probably won't be any significant changes to this >> mechanism before then. (SecurityManager configuration might be >> simplified via a Spring FactoryBean as well, but that won't affect web >> configuration). >> >> Please give it a try and let us know what you think! >> >> Best, >> >> Les >> >
