[SHIRO-579] Permission filter is validating last matched path - ASF JIRA

Attach files

Attach Screenshot

Voters

Watch issue

Watchers

Link

Update Comment Author

Replace String in Comment

Update Comment Visibility

Delete Comments

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Blocker
Resolution: Fixed
Affects Version/s: 1.3.0
Fix Version/s: 1.4.0
Component/s: Integration: Guice
Labels:
None
Environment:
Google App Engine

Description

Following filter chain is present in configureShiroWeb() function

addFilterChain("/*/first/second/*", AUTHC_BASIC, config(PERMS, "X:create"));
addFilterChain("/*/first/*", AUTHC_BASIC, config(PERMS, "Y:create"));

for a URL : example.appspot.com/_ah/api/hello/v1/first/second/third the access is granted for a user with permission Y:create and not with X:create.

Attachments

Issue Links

Add Link

relates to

SHIRO-605 ShiroWebModule creates out of order filter chain.

Resolved

Delete this link

Activity

Comment

This comment will be Viewable by All Users Viewable by All Users

Cancel

People

Assignee:: Jared Bunting

Reporter:: Kusmanjali

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 11/Aug/16 19:57

Updated:: 15/Dec/16 17:43

Resolved:: 15/Dec/16 17:43

Agile

View on Board

Permission filter is validating last matched path

Details

Description

Attachments

Attachments

Issue Links

Activity

People

Dates

Agile

Slack

Issue deployment