Thanks Armando. I think I got Realm part very close to what you have. The only difference is that I am calling info.setStringPermissions(permissions); instead of info.setObjectPermissions(permissions);
I am sure you have a reason to go with your WildcardPermission (Not Shrio) object. Can you share the pro/con? The other part of my concern is how to construct permission dynamically. I would appreciate any thoughts or experience sharing in this area. >>>I would like to build a permission with 3 parts (WSPathName:action:(optional)id) >>>Example: User Web Service (path=user extract from the URI) may look like user:read:1 >>> Role Web Service may look like role:create > -- View this message in context: http://shiro-user.582556.n2.nabble.com/How-to-implement-Authorization-on-Rest-Jersey-Services-using-HttpMethodPermissionFilter-tp5659200p5662264.html Sent from the Shiro User mailing list archive at Nabble.com.
