Hi Richard/Stuart, Since I have been looking at something similar but with support for groups (in addition to users and roles) and came up with a database model to store all the authorization information Database Model Question <http://stackoverflow.com/questions/17914671/database-model-for-authorization> . Now I am looking at developing a custom implementation of Shiro PermissionResolver to fit with my model.
I however, haven't had much progress on how to go about it the best approach of introducing groups. Also a question for you both is do you also use Shiro for filtering/authorizing the data accessible to users for VIEWING i.e. if there is a HTML drop down listing all the items the current user has access to - do you use parameterized SQL query of your Shiro permissions to filter out the items that should be in the drop down list. Cheers Ahmed -- View this message in context: http://shiro-user.582556.n2.nabble.com/Best-Permission-Structure-e-g-User-departments-tp7578991p7578999.html Sent from the Shiro User mailing list archive at Nabble.com.
