Different permissions for Apache Shiro for each user?

Question

Different permissions for Apache Shiro for each user?

I built a database with username and permission

user (identifier, email address, password, permission) permission (id, create_user, delete_user, user_fk)

create_user and delete_user are BOOLEAN.

Relationships: one-one

Now each user can have their own permissions.

My question is: how can I use siro to read permissions from a database?

+4

database jdbc shiro

internet Oct 30 '13 at 21:44

source share

2 answers

André Schild · Answer 1 · 2013-11-03T13:23:52+0000

If you really want to assign permissions at the user level, you can "fake" the role table to make Shiro happy.

Wouter, JdbcRealm 3 . , :

permission (id, permissionname, user_fk)

create_user/delete_user . , (, reset_password) , db.

shiro.ini( shiro):

jdbcRealm = org.apache.shiro.realm.jdbc.JdbcRealm

:

jdbcRealm.authenticationQuery = select password from user where email=?
jdbcRealm.userRolesQuery = select id from user where email=?
jdbcRealm.authenticationQuery = select permissionname from permission where user_fk=?

: , . , (= user pk) .

Wouter · Answer 2 · 2013-11-02T08:16:30+0000

JdbcReam .ini :

jdbcRealm=org.apache.shiro.realm.jdbc.JdbcRealm

, , . , user_roles role_permissions.

, :

https://svn.apache.org/repos/asf/shiro/trunk/core/src/main/java/org/apache/shiro/realm/jdbc/JdbcRealm.java

.ini :

jdbcRealm.authenticationQuery=<your password select statement>
jdbcRealm.userRolesQuery=<your role names for username select statement>
jdbcRealm.authenticationQuery=<your permissions for role name select statement>

Different permissions for Apache Shiro for each user?

More articles: