SimpleShiroSecuredApplication icon indicating copy to clipboard operation
SimpleShiroSecuredApplication copied to clipboard

Published 20 hours ago verified publisher icon SomMeri

Dynamic Roles

Open ricardorqr opened this issue 9 years ago • 3 comments

Meri Hello! It's all right? Sorry if the translation is not correct, but I am Brazilian and I am using a translator. First, congratulations for your article. The world should is full of people like you. I followed the first and second article and be able to implement the security of a web application with Shiro. Thank you! But I have difficulty implementing the creation of roles dynamically without having to implement all the rules in the INI file. Do you understand me? Do you have an email so I can talk better to you? Thank you very much for your attention.

ricardorqr avatar Aug 21 '15 02:08 ricardorqr

Hi, I am glad you found the blog useful. You can ask your questions in here. Technical questions like this might be useful for other people too, so there is no reason to keep them secret.

SomMeri avatar Aug 23 '15 07:08 SomMeri

Meri, my question is how to implement the creation of roles dynamically. I thought to implement as follows: every page of my web system will have their permissions registered in permission table. For example, the pages "function base", "player base" and "universe base" will be registered in permission table. I will have another table that will store all the roles. For example, the role "Manager" have permission "function base" and "universe base". The role of "co-ordinator" will only have permission "function base". So this way I can register new role associating the appropriate permissions. You understand?

My INI file:

[main]
authc.loginUrl = /login.xhtml
user.loginUrl = /login.xhtml
authc = org.apache.shiro.web.filter.authc.PassThruAuthenticationFilter

# Configura dataSouce do banco
dataSource = org.apache.shiro.jndi.JndiObjectFactory
dataSource.resourceName = java:/hotsDS
jdbcRealm = org.apache.shiro.realm.jdbc.JdbcRealm
jdbcRealm.dataSource = $dataSource

# Querys de consulta no banco
jdbcRealm.authenticationQuery = SELECT senha FROM usuario WHERE flagAtivo = 'S' and login = ?
jdbcRealm.userRolesQuery = select up.idPefil from usuarioperfil up, usuario u, perfil p where up.idUsuario = u.idUsuario and up.idPerfil = p.idPerfil and up.idUsuario = u.idUsuario and p.flagAtivo = 'S' and u.flagAtivo = 'S' and up.idUsuario = 23

# Habilita hashing da senha
credentialsMatcher = org.apache.shiro.authc.credential.HashedCredentialsMatcher
credentialsMatcher.hashAlgorithmName = SHA-256
jdbcRealm.credentialsMatcher = $credentialsMatcher

# Usuario padrao
[users]
admin = 123

# Permissao a tudo
[roles]
admin = *

[urls]
/login.xhtml = authc
/** = authc

Everything is correct? I'm forgetting some detail? I emphasize that as I am Brazilian I am using a translator.

ricardorqr avatar Aug 25 '15 00:08 ricardorqr

Are you still there?

ricardorqr avatar Aug 26 '15 14:08 ricardorqr