Apache Shiro is a powerful and easy-to-use Java security framework that performs authentication, authorization, cryptography, and session management.
This plugin enables access control on controller actions via a set of annotations. Security checks will be performed before an action is invoked. Annotated actions will be executed if the user meets the security criteria, otherwise execution is aborted. The plugin assumes sensible defaults where needed but also lets you customize behavior.
Refer to the plugin guide for further information on configuration and usage.