Hi, I need per instance security in my application. What I want to do is extend AuthorisationRealm with doGetAuthorisationInfo() and implement my own permissions-scheme to check for the users permissions for a certain domain model instance.
Do I have to check for these permissions myself and throw a security exception in case of no permission or is this automatically done by Shiro when a client calls the restful interface like: http://localhost:8080/restful/objects/nl.pocos.dom.Company/L_10 Regards, Erik
