Hello, I’m trying to learn how to use Shiro for row-level access control. For example suppose I have a resource named foo which is owned by alice. I want only alice to be able to view this resource. So I should give alice the permission resource:view:foo. What are the patterns/best practices for storing this type of permissions, and loading them into the application.
I also came across [1] from 2013 which discusses more or less the same issue. Has there been any new developments in this area? Thanks, Hiranya [1] - http://shiro-user.582556.n2.nabble.com/Best-Permission-Structure-e-g-User-departments-td7578991.html <http://shiro-user.582556.n2.nabble.com/Best-Permission-Structure-e-g-User-departments-td7578991.html> -- Hiranya Jayathilaka Mayhem Lab/RACE Lab; Dept. of Computer Science, UCSB; http://cs.ucsb.edu E-mail: [email protected]; Mobile: +1 (805) 895-7443 Blog: http://techfeast-hiranya.blogspot.com
