There are two basic ways to assign permissions to a subject: through a realm directly, or the RolePermissionResolver (which basically just maps a role assigned from a realm to a list of permissions)
This is useful when mapping between user groups and application permissions (such as "myapp:somefunction:write"). On Fri, Jan 29, 2016 at 1:24 PM, jonathan.labin <[email protected]> wrote: > Ok. But it appears to me that in the context of a multi-realm situation, a > role that is granted by one realm cannot be used by the second realm to > impart permissions to the user. Each realm considers only the roles that > it > applies to the user when determining permissions? > > > > -- > View this message in context: > http://shiro-user.582556.n2.nabble.com/Multiple-Realms-one-for-Authentikation-one-for-Authorization-tp1113845p7580942.html > Sent from the Shiro User mailing list archive at Nabble.com. >
