Skip to main content

Home/ Groups/ SoftwareEngineering
Rss Feed
Sort By: Most Recent | Popular Filter: All | Bookmarks | Topics Simple Middle
kuni katsuya

Comparison of database tools - Wikipedia, the free encyclopedia - 0 views

en.wikipedia.org/...Comparison_of_database_tools

database tools comparison

shared by kuni katsuya on 30 Aug 12 - Cached
kuni katsuya

Shiro Developer - Role "Nesting" or "Inheriting" and RolePermissionResolvers - 0 views

shiro-developer.582600.n2.nabble.com/issionResolvers-td5858003.html

ApacheShiro security permission inheritance

shared by kuni katsuya on 29 Aug 12 - No Cached
  • Shiro support the concept of role inheritance ­ roleA inherits permissions from roleB
  • A given realm knows only its roles, but my application understands the mapping of roles to permissions (or nested roles).  I have a single RolePermissionResolver that ties permissions to roles
  • Example: My security Manager: https://github.com/sonatype/security/blob/master/security-system/src/main/java/org/sonatype/security/DefaultRealmSecurityManager.java#L63
  • ...1 more annotation...
  • My RolePermissionResolver https://github.com/sonatype/security/blob/master/security-realms/security-xml-realm/src/main/java/org/sonatype/security/realms/XmlRolePermissionResolver.java#L47
kuni katsuya

Grails - user - Can Spring Security OR Shiro Enable Fine Grained Hierarchical Permissions? - 0 views

grails.1312388.n4.nabble.com/cal-Permissions-td3239652.html

ApacheShiro security permission inheritance

shared by kuni katsuya on 29 Aug 12 - No Cached
  • one option would be to embed the hierarchy of locations in the permission strings
  • since you can have any number of elements separated by colons
  • Another option would be to create your own Permission instances and implement the isPermitted() method such that it delegates to Location.isIn(Location) for permission checks
  • ...2 more annotations...
  • associate permissions with a particular domain instance AND all children of that instance.
  • associate a single rule/ACL Entry that says Sally has full hierarchical permission over France
kuni katsuya

DomainPermission (Apache Shiro 1.2.1 API) - 0 views

shiro.apache.org/...DomainPermission.html

ApacheShiro DomainPermission JPA

shared by kuni katsuya on 29 Aug 12 - No Cached
  • used as a base class for JPA/Hibernate persisted permissions that wish to store the parts of the permission string in separate columns (e.g. 'domain', 'actions' and 'targets' columns)
kuni katsuya

Permission (Apache Shiro 1.2.1 API) - 0 views

shiro.apache.org/...Permission.html

ApacheShiro permission

shared by kuni katsuya on 29 Aug 12 - No Cached
  • A Permission represents the ability to perform an action or access a resource. A Permission is the most granular, or atomic, unit in a system's security policy and is the cornerstone upon which fine-grained security models are built.
  • a Permission instance only represents functionality or access - it does not grant it
  • permissions are immutable and reflect an application's raw functionality
  • ...4 more annotations...
  • because Permissions represent raw functionality and only change when the application's source code changes, they are immutable at runtime - they represent 'what' the system can do
  • by transitive association, the user 'has' the permissions in their roles
  • all Permission checks are relegated to Realm implementations, and only those implementations really determine how a user 'has' a permission or not
  • Realm could use the semantics described here, or it could utilize some other mechanism entirely
« First ‹ Previous 661 - 680 of 1272 Next › Last »
Showing 20 items per page