Uploaded image for project: 'Shiro'
  1. Shiro
  2. SHIRO-579

Permission filter is validating last matched path

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Resolved
    • Blocker
    • Resolution: Fixed
    • 1.3.0
    • 1.4.0
    • Integration: Guice
    • None
    • Google App Engine

    Description

      Following filter chain is present in configureShiroWeb() function

      addFilterChain("/*/first/second/*", AUTHC_BASIC, config(PERMS, "X:create"));
      addFilterChain("/*/first/*", AUTHC_BASIC, config(PERMS, "Y:create"));

      for a URL : example.appspot.com/_ah/api/hello/v1/first/second/third the access is granted for a user with permission Y:create and not with X:create.

      Attachments

        Issue Links

          relates to

          Bug - A problem which impairs or prevents the functions of the product. SHIRO-605 ShiroWebModule creates out of order filter chain.

          • Major - Major loss of function.
          • Resolved

          Activity

            People

              deraj123 Jared Bunting
              kushmanjali@gmail.com Kusmanjali
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: