Thanks for the quick reply Les. This sort of thing makes feel good about picking Shiro as the security framework for our project. We are using Jersey, but the annotations are in fact JSR-spec. I need to build something rather quickly I will likely use the HttpMethodPermissionFilter (or maybe the AspectJ implementation that is currently there) in the short term (very short). However, longer-term it would be great to have the JSR-311 annotation support. As for HttpMethodPermissionFilter: The Shiro documentation does mention that it has item level permissions, but I don't see how that can be used by HttpMethodPermissionFilter (or with AOP for that matter). Am I missing something?
Mike -- View this message in context: http://shiro-user.582556.n2.nabble.com/Jersey-support-tp5453408p5453794.html Sent from the Shiro User mailing list archive at Nabble.com.
