Shiro plugin upgrade authenticates but authorizations fail

[deuseks]

I just upgraded my code (grails 1.3.5) and Shiro plugin to 1.1 and I cannot seem to get a true result from my calls to

Code:

SecurityUtils.hasRole("Administrator")

Now when I upgraded I did so and also used the --prefix setting in creating a DBRealm .. So I now have a package structure to my realm classes and my ShiroUser/ShiroRole etc.. domain classes. Everything runs fine and login is successful but all calls to hasRole return false.

...and yes.. I do have the role created and assigned to my user. Db look accurate.

I tried adding logging statements to my ShiroDBRealm class, hasRole method but the log messages never appear on the console.

What did I break.... ? is there somewhere that the DBRealm class is passed to the SecurityUtils class and I just missed it ?

thanks

[pledbrook]

I just upgraded my code (grails 1.3.5) and Shiro plugin to 1.1 and I cannot seem to get a true result from my calls to

Code:

SecurityUtils.hasRole("Administrator")

I assume you mean SecurityUtils.subject.hasRole("Administrator")? I would try debugging into your realm implementation or putting print statements into the realm's hasRole() implementation. Check whether it's being called and what it's returning.

Are the GSP tags working as expected? How about the role() method in filters?

Peter

[deuseks]

Peter,
I found my problem to be with the setup of my ShiroUser, ShiroRole and ShiroPermissions classes.

When I installed the plugin, I ran the create-db-realm script which generated a bunch of domain classes for me. But these classes do not have their relationships to each other set up. So I messed up the creation of those relationships.

So for now.. I have resolved the problem by using the ShiroDBRealm class generated by the quick-start script.

Thanks !

Deus