shiro-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Brian Demers (JIRA)" <>
Subject [jira] [Commented] (SHIRO-579) Permission filter is validating last matched path
Date Mon, 10 Oct 2016 19:01:20 GMT


Brian Demers commented on SHIRO-579:


This is the first I've heard of this type of issue.  I know there are a few _problems_ when
using Guice 4.x with Shiro.  Specifically around the API change in Guice 4 with key types.
(are you running with any patches?)

I put a pull request together (WIP), but if you want to test that out, let me know. 

> Permission filter is validating last matched path
> -------------------------------------------------
>                 Key: SHIRO-579
>                 URL:
>             Project: Shiro
>          Issue Type: Bug
>          Components: Integration: Guice
>    Affects Versions: 1.3.0
>         Environment: Google App Engine
>            Reporter: Kusmanjali
>            Assignee: Jared Bunting
>            Priority: Blocker
> Following filter chain is present in configureShiroWeb() function 
> addFilterChain("/**/first/second/**", AUTHC_BASIC, config(PERMS, "X:create"));
> addFilterChain("/**/first/**", AUTHC_BASIC, config(PERMS, "Y:create"));
> for a URL : the access is granted
for a user with permission Y:create and not with X:create.

This message was sent by Atlassian JIRA

View raw message