Uploaded image for project: 'Geode'
  1. Geode
  2. GEODE-7396

JavaBeanAccessorMethodAuthorizer does not authorize methods on java.io classes

    XMLWordPrintableJSON

    Details

      Description

      The following test failed using an authorizer with java.lang and java.io packages specified as allowed. It's unclear at this time if the problem is related specifically to the java.io package or if it is a problem with how the JavaBeanAccessorMethodAuthorizer handles multiple parameters.

       
      @Test
        public void test() throws NoSuchMethodException {
          Method disallowedJavaIOMethod = File.class.getMethod("getPath");
          assertThat(authorizerWithStringAndIOPackageSpecified.authorize(allowedJavaIOMethod, new File(""))).isTrue();
        } 
      

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                donalevans Donal Evans
                Reporter:
                donalevans Donal Evans
              • Votes:
                0 Vote for this issue
                Watchers:
                4 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:

                  Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0h
                  0h
                  Logged:
                  Time Spent - 1h
                  1h