Hi Pham, You will need to write DAO classes/interfaces that go directly to your repository or cache and return the data to your UI.
It would be useful for the Shiro framework to add say a getPermissions method to may be the Subject interface. Something like List<Permission> lp = subject.getPermissions() But it is currently not there. In my experience , it is necessary to partition permissions based on context. So something like List<Permission> lp = subject.getPermissions(context) would be even better. Manoj On Mon, Oct 31, 2011 at 6:16 AM, Pham Tran Quoc Viet <[email protected]> wrote: > Manoj, > I figured that out after I sent the email. Thank you so much for still > answering my stupid question. > I hope this question is not as stupid: > My application is GXT-based, a framework built on top of GWT. After > authentication, I need to gather a list of roles and permissions, which come > out of the database, and return to client codes so that it can determine > what menu to display. One of the google search result shows that there is no > way for me to do that because Subject class does not have any method to deal > with it. Wonder what is the cleanest way to do this? I was thinking of > instantiating an object of my custom realm and call doGetAuthorizationInfo > method. Use session instead? Your thoughts are greatly appreciated. > Thanks. > > On Sun, Oct 30, 2011 at 7:40 PM, Manoj Khangaonkar <[email protected]> > wrote: >> >> subject.isAuthenticated() >> >> -- Manoj >> >> On Sat, Oct 29, 2011 at 10:31 AM, Pham Tran Quoc Viet >> <[email protected]> wrote: >> > Thanks. I got it working. >> > Upon posting back, how do I check the fact that the user has been logged >> > in? >> > Thanks. >> > >> > On Fri, Oct 28, 2011 at 11:35 AM, Manoj Khangaonkar >> > <[email protected]> >> > wrote: >> >> >> >> See the Shiro documentation on how to turn on caching. >> >> >> >> When Caching in turned on , the Realm methods will not get called >> >> everytime. >> >> >> >> Manoj >> >> >> >> On Fri, Oct 28, 2011 at 6:11 AM, Pham Tran Quoc Viet >> >> <[email protected]> wrote: >> >> > Hi All, >> >> > I have two questions: >> >> > 1) How do I initialize both authentication and authorization at the >> >> > time >> >> > of >> >> > log-in. I want to do this to avoid querying db twice (one for >> >> > authentication >> >> > and one for authorization)? Any sample code would be the easiest to >> >> > get >> >> > me >> >> > started. >> >> > 2) Each time I call currrentUser.login() (just for testing purpose as >> >> > multiple login does not happen in real life), doGetAuthenticationInfo >> >> > is >> >> > called. As a result, db is queried. Each time I call >> >> > currrentUser.hasRole(), doGetAuthorizationInfo is then called. As a >> >> > result, >> >> > db is queried again. How do I avoid this repeated db queries? >> >> > Thanks. >> >> >> >> >> >> >> >> -- >> >> http://khangaonkar.blogspot.com/ >> > >> > >> >> >> >> -- >> http://khangaonkar.blogspot.com/ > > -- http://khangaonkar.blogspot.com/
