The best thing to do here IMO is to create an interface that your controller calls. The implementation of this interface can delegate to the Realm to clear the cached permissions. I've done this on projects with good results: loosely coupled and it works well.
You could also make this totally decoupled and use a simple event system: trigger an event from the controller and the Realm is a listener for that event that clears out that cache entry upon receiving the event. Just some ideas - I hope that helps! -- Les Hazlewood | @lhazlewood CTO, Stormpath | http://stormpath.com | @goStormpath | 888.391.5282 On Mon, Jul 1, 2013 at 3:01 PM, Pillar <[email protected]> wrote: > I need to be able to remove or add permissions for my users. For example, a > user is able to create a playlist. When the playlist is created, he is > allowed to delete it, but he isn't allowed to delete playlist that others > have made (obviously). > > I have an AuthorizingRealm that builds the AuthorizationInfo (ex: from each > user's playlists) for each Subject but this gets cached, which prevents my > application from seeing reloaded/refreshed permissions. > > I've read some other posts and seen that you can call > AuthorizingRealm#clearCachedAuthorizationInfo(PrincipalCollection > principals). I'm using Spring MVC and I don't really want to inject my > Realm > implementation into a controller or service class just because it doesn't > really belong in that stack. Is there another solution to refreshing > permissions (other than disabling caching)? > > > > -- > View this message in context: > http://shiro-user.582556.n2.nabble.com/Updating-permissions-dynamically-at-runtime-tp7578886.html > Sent from the Shiro User mailing list archive at Nabble.com. >
