You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@shiro.apache.org by "Manoj Khangaonkar (JIRA)" <ji...@apache.org> on 2011/06/24 01:02:47 UTC
[jira] [Created] (SHIRO-308) WildcardPermission constructor needs
to throw IllegalArgumentException for "" part
WildcardPermission constructor needs to throw IllegalArgumentException for "" part
----------------------------------------------------------------------------------
Key: SHIRO-308
URL: https://issues.apache.org/jira/browse/SHIRO-308
Project: Shiro
Issue Type: Improvement
Components: Authorization (access control)
Affects Versions: 1.1.0
Environment: All operating systems
Reporter: Manoj Khangaonkar
WildcardPermission currently allows "" part in a permission.
This has no real use and can lead to user /programmer errors.
For example:
If instead of File:*:myfile, I accidently create File::myfile
all permission checks will fail as
File::myfile does not imply say File:read:myfile.
Since File::myfile has no meaning, this permission is not securing anything.
File::myfile is broken into the parts "File","","myfile".
Since "" part is unlikely to have any useful meaning, it might be better to throw an IllegalArugmentException if a
permission has a "" part and prevent user/programmer errors.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira