How can attribute-level permissions be defined in Apache Shiro -

from docs read it's possible define attribute-level permissions (as resource , instance levels)

attribute level - permission specifies attribute of instance or resource. user can edit address on ibm customer record.

how can these permissions defined declaratively using <resource>:<action>:<instance> format in permissions in shiro defined? seem logical if it's possible <resource>:<action>:<instance>:<attributename> can't find docs anywhere discussing this.

did check http://shiro.apache.org/permissions.html?

you can create strings own information. in our code use custom realms add permissions programmatically so:

public class ourauthorizingream extends authorizingrealm {   ... @override public authorizationinfo dogetauthorizationinfo(principalcollection principals) {     ... code find permission infp      simpleauthorizationinfo info = new simpleauthorizationinfo();     while (.. looping through permission info){             info.addstringpermission(... permission string constructed);     }     return info; }