Hi,
I had the same issue but resolved it by extending the JdbcRealm (and
configure it in shiro.ini) where during each login the cached
authorizations for the current user are cleared. See code below.
"jdbcRealm" is the variable of my realm in shiro.ini. The user obviously
has to log out and log in again for it to work.
public class PortalJdbcRealm extends JdbcRealm
{
@Override
protected AuthenticationInfo
doGetAuthenticationInfo(AuthenticationToken token) throws
AuthenticationException
{
SimplePrincipalCollection principals = new
SimplePrincipalCollection(token.getPrincipal(), "jdbcRealm");
super.doClearCache(principals);
return super.doGetAuthenticationInfo(token);
}
}
Erik
On 06/11/2014 10:14 AM, Dan Haywood wrote:
Mucho gracias.
On 11 June 2014 09:12, <[email protected]> wrote:
Done.
-----Original Message-----
From: Dan Haywood [mailto:[email protected]]
Sent: Wednesday, June 11, 2014 1:30 PM
To: users
Subject: Re: Isis Shiro - Server restart for loading new permission
That's great to hear.
Could you attach a further comment to the ticket on the configuration
changes you made. I'll then create a page on our website for the benefit
of others.
Cheers
Dan
On 11 June 2014 07:58, <[email protected]> wrote:
HI Dan,
After removing caching, it's working.
Note: But even without logout( in case admin itself is updated with
any role in its session) new roles and permission are getting reflected..
Thanks
Ranganath.
-----Original Message-----
From: Dan Haywood [mailto:[email protected]]
Sent: Wednesday, June 11, 2014 12:03 PM
To: users
Subject: Re: Isis Shiro - Server restart for loading new permission
Thanks for this; however Okwui (James) a day or two ago suggested on
this thread that (I quote): "you have to configure in the Shiro.ini
and remove the caching". This suggests to me that the change you need
to make is in the Shiro level, not Isis.
Have you subscribed to the shiro users' group to ask their opinion there?
Meantime, I will look at this when I get a chance, since we'd like to
provide out-of-the-box support for this use case with the minimum of
configuration requirements.
Dan
On 11 June 2014 07:21, <[email protected]> wrote:
Hi Dan,
I had uploaded the required files in the JIRA:
https://issues.apache.org/jira/browse/ISIS-799
.
Please check. Waiting for your feedback.
Thanks
Ranganath
-----Original Message-----
From: Dan Haywood [mailto:[email protected]]
Sent: Monday, June 09, 2014 11:36 AM
To: users
Subject: Re: Isis Shiro - Server restart for loading new permission
I've created ISIS-799 [1] for this.
[1] https://issues.apache.org/jira/browse/ISIS-799
On 9 June 2014 08:03, Dan Haywood <[email protected]>
wrote:
From your description, obviously there's some caching of roles
going on that needs to be cleared. I'm just not sure if it's at
the Shiro level, or in Isis itself.
Would it be possible for you to share your Shiro configuration so
I can look to reproduce? It'd also be useful for us to add to the
website. I guess I need the shiro.ini, the SQL scripts for
creating the tables and data, and any other referenced
configuration files (if
any).
Dan
On 6 June 2014 13:38, <[email protected]> wrote:
Hi,
I created security ISIS service (application-specific) to create
users, roles and permissions and their mappings from UI.
I am facing one issue in the following scenario:
1. Using SQL script one user(admin) with role access to all
services inserted into security tables
2. Logged in using admin to create another user(BBY) to access
some
services
3. Logged out admin
4. Logged in using BBY. BBY doesn't see those services which
are
given access by admin
5. Jetty server restart and logged in using BBY
6. BBY now can be able to see those services.
I think when BBY user logs in should see the services as this
user has got permissions even without restart the server.
The information contained in this electronic message and any
attachments to this message are intended for the exclusive use of
the
addressee(s) and may contain proprietary, confidential or
privileged information. If you are not the intended recipient,
you should not disseminate, distribute or copy this e-mail.
Please notify the sender immediately and destroy all copies of
this message
and any attachments.
WARNING: Computer viruses can be transmitted via email. The
recipient should check this email and any attachments for the
presence of viruses.
The company accepts no liability for any damage caused by any
virus transmitted by this email.
www.wipro.com
The information contained in this electronic message and any
attachments to this message are intended for the exclusive use of
the
addressee(s) and may contain proprietary, confidential or privileged
information. If you are not the intended recipient, you should not
disseminate, distribute or copy this e-mail. Please notify the
sender immediately and destroy all copies of this message and any
attachments.
WARNING: Computer viruses can be transmitted via email. The
recipient should check this email and any attachments for the presence
of viruses.
The company accepts no liability for any damage caused by any virus
transmitted by this email.
www.wipro.com
The information contained in this electronic message and any
attachments to this message are intended for the exclusive use of the
addressee(s) and may contain proprietary, confidential or privileged
information. If you are not the intended recipient, you should not
disseminate, distribute or copy this e-mail. Please notify the sender
immediately and destroy all copies of this message and any attachments.
WARNING: Computer viruses can be transmitted via email. The recipient
should check this email and any attachments for the presence of viruses.
The company accepts no liability for any damage caused by any virus
transmitted by this email.
www.wipro.com
The information contained in this electronic message and any attachments
to this message are intended for the exclusive use of the addressee(s) and
may contain proprietary, confidential or privileged information. If you are
not the intended recipient, you should not disseminate, distribute or copy
this e-mail. Please notify the sender immediately and destroy all copies of
this message and any attachments.
WARNING: Computer viruses can be transmitted via email. The recipient
should check this email and any attachments for the presence of viruses.
The company accepts no liability for any damage caused by any virus
transmitted by this email.
www.wipro.com
