[CXF-4288] SecureAnnotationsInterceptor maps roles only based on method name - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 2.3.10, 2.4.7, 2.5.3, 2.6
Fix Version/s: 2.3.11, 2.4.8, 2.5.4, 2.6.1
Component/s: Core
Labels:
None

Estimated Complexity:
Unknown

Description

The SecureAnnotationsInterceptor maps the roles into the method map only based on the method name. If the class in question is using overloaded methods with different roles for each method, this can result in the wrong roles being applied to the authorization. The map needs to take into account the params/returns as well.

Attachments

Activity

People

Assignee:: Daniel Kulp

Reporter:: Daniel Kulp

Votes:: 0 Vote for this issue

Watchers:: 0 Start watching this issue

Dates

Created:: 04/May/12 17:36

Updated:: 05/Jun/12 13:31

Resolved:: 09/May/12 02:36