I'm just wondering if we have a page level permission settings in Shiro? For example I have a jsf page that I only want to show in user with role staff and permission delete.
In JBoss we have something like:
<page xmlns="http://jboss.com/products/seam/pages"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://jboss.com/products/seam/pages http://jboss.com/products/seam/pages-2.1.xsd">
<restrict>#{persistentPermissionResolver.hasPermission('staff','delete')}</restrict>
</page>
Is this functionality also available in JavaEE6 + Shiro + JSF? It seems the JSP and JSF plugin only supports enabling a certain portion of a webpage being accessible to a certain role with a certain permission.
Thanks,
czetsuya
After fiddling with it for sometime I concluded that having the same functionality as that of Seam is impossible, but Apache Shiro offers the same fine-grained control through permission. Wherein you can control who access/what. As to how I integrate Apache Shiro with JavaEE6, here's how I did it: http://czetsuya-tech.blogspot.com/2012/10/how-to-integrate-apache-shiro-with.html.