.please guide me that i have 2 methods in my Controller one is login and second is logout. and 1 role 'user' defined in my DB and i have a user with that role. now what i want to do is that person can login but could not access the logout button. how can i add permission/restri开发者_Go百科ctions that would allow that user not to Logout.
Take a look at your other question (http://stackoverflow.com/questions/5815401/how-to-implement-shiro-security-of-grails-in-my-project) and use roleUser.addToPermissions('auth:login,signIn')
as permission. This adds the permissions as described in your question: only login is allowed, logout is not in the list and thus not allowed. We have to state not only login
which will show the login screen, but also signIn
which is the action of the actual sign in.
精彩评论