cxf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Daniel Kulp (JIRA)" <j...@apache.org>
Subject [jira] [Created] (CXF-4288) SecureAnnotationsInterceptor maps roles only based on method name
Date Fri, 04 May 2012 17:36:47 GMT
Daniel Kulp created CXF-4288:
--------------------------------

             Summary: SecureAnnotationsInterceptor maps roles only based on method name
                 Key: CXF-4288
                 URL: https://issues.apache.org/jira/browse/CXF-4288
             Project: CXF
          Issue Type: Bug
          Components: Core
    Affects Versions: 2.6
            Reporter: Daniel Kulp
            Assignee: Daniel Kulp
             Fix For: 2.6.1



The SecureAnnotationsInterceptor maps the roles into the method map only based on the method
name.  If the class in question is using overloaded methods with different roles for each
method, this can result in the wrong roles being applied to the authorization.   The map needs
to take into account the params/returns as well.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

Mime
View raw message