In the Shiro docs, they configure the global PermissionsResolver in the shiro.ini (see permissionResolver ).
globalPermissionResolver = com.foo.bar.authz.MyPermissionResolver
...
securityManager.authorizer.permissionResolver = $globalPermissionResolver
However, I am using Guice, so I don't want to rely on the shiro.ini. I know that I can call
setPermissionResolver()
in my Realm
but I would rather not since I have multiple Realm
s.
Any ideas? Thanks.
It turns out that by reading the docs mentioned above more carefully, it says that:
If you want to configure a global PermissionResolver, each Realm that is to receive the configured PermissionResolver must implement the PermisionResolverAware interface. This guarantees that the configured instance can be relayed to each Realm that supports such configuration.
It also happens that AuthorizingRealm
already implements this interface so all of the authorizing realms should be able to pick up a PermissionsResolver
.
In order to bind it with Guice, I added this to my ShiroWebModule
:
bind(PermissionResolver.class).to(MyPermissionResolver.class).in(Singleton.class);