For those that might want a better backstory on Shiro's approach to permissions and why it exists, or if you'd like to understand them better, I created the following blog article:
The New RBAC: Resource-Based Access Control: http://www.katasoft.com/blog/2011/05/09/new-rbac-resource-based-access-control I hope it helps people new to Shiro (or new to security in general) better understand this very powerful feature that has been supported in Shiro since day one. Cheers, -- Les Hazlewood Founder, Katasoft, Inc. Application Security Products & Professional Apache Shiro Support and Training: http://www.katasoft.com
