Details
-
Bug
-
Status: Closed
-
Major
-
Resolution: Cannot Reproduce
-
None
-
None
Description
Even with the following in isis.properties:
isis.authorization=file
isis.authorization.file.whitelist=allow.properties
isis.authorization.file.blacklist=disallow.properties
the file authorizor is picked up:
13:41:06,268 [FileAuthorizor main INFO ] loading authorization details from allow.properties
13:41:06,269 [FileAuthorizor main INFO ] loading authorization details from allow.properties
13:41:06,269 [JmxBeanServer main INFO ] JMX bean server created
13:41:06,299 [JmxBeanServer main INFO ] file-authorizer JMX mbean registered: org.apache.isis.security.file.authorization.FileAuthorizor@34a083f2
But it does not work - services that are listed in the disallow.properties and services not listed in the allow.properties are still available.