Uploaded image for project: 'Shiro'
  1. Shiro
  2. SHIRO-553

Parsing od roles filter on urls incorrect

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Open
    • Major
    • Resolution: Unresolved
    • 1.2.4
    • None
    • Configuration
    • None
    • Web application where shiro should authorize a specific URL formore than 1 role

    Description

      My SHIRO.INI on URLS section:

      [urls]
      /rest/test/** = authcBasic, roles[admin,normal]

      Unfortuntely Shiro can't read correctly the array of roles.

      I think the bug is in StringUtils class int the method:
      public static String[] split(String aLine, char delimiter, char beginQuoteChar, char endQuoteChar, boolean retainQuotes, boolean trimTokens)

      At line 392 there is an IF stament:

      } else if (c == delimiter && !inQuotes) {

      I believe that the NOT in Quotes is wrong because it should read the token if it is inQuote.

      Furthermore this method seems to be called with the argument "retainQuotes" set to TRUE. I thing, for RolesFilter should be called with FALSE

      Attachments

        Activity

          People

            Unassigned Unassigned
            stocki Stock
            Votes:
            1 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated: