Seconded, I'd be interested see what you've done. This whole email thread has been super interesting, I need to re-read it when I've had a lot more coffee and it will sink in.
On Thu, Sep 29, 2016 at 9:25 AM, Brian Demers <[email protected]> wrote: > Cool! > > Any chance you can post an example of your target resolver? > > On Thu, Sep 29, 2016 at 7:08 AM, armandoxxx <[email protected]> > wrote: > >> This is the root of all evil for instance base permission checks.. >> >> our problem was ... that user had 2000 IDs in the permission ... so >> writing >> permission with 2000 Ids in the target was not an option. >> >> First thing we did was: >> First we did was use mongoDb for fast read, store of (instance - per user >> permissions) ... so realms would load data from there .. (caching) >> >> The second thing we did was to override isPermitted() method to check >> targets of permissions and introduced target resolvers ... >> >> example permission was "products:list:PRODUCT_TARGET_RESOLVER" ... >> >> PRODUCT_TARGET_RESOLVER - became constant to to load target resolver, >> which >> checked instance permissions ... >> >> it was a dirty job since Shiro does not support target resolvers ... so we >> extended Shiro to support it ... >> >> How you implement it is up to you ... >> >> Regards >> >> Armando >> >> >> >> >> >> >> >> >> >> -- >> View this message in context: http://shiro-user.582556.n2.na >> bble.com/Authentication-with-huge-number-of-entites-tp758130 >> 5p7581306.html >> Sent from the Shiro User mailing list archive at Nabble.com. >> > >
