You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@shiro.apache.org by "Manoj Khangaonkar (JIRA)" <ji...@apache.org> on 2011/06/24 01:02:47 UTC

[jira] [Created] (SHIRO-308) WildcardPermission constructor needs to throw IllegalArgumentException for "" part

WildcardPermission constructor needs to throw IllegalArgumentException for "" part
----------------------------------------------------------------------------------

                 Key: SHIRO-308
                 URL: https://issues.apache.org/jira/browse/SHIRO-308
             Project: Shiro
          Issue Type: Improvement
          Components: Authorization (access control) 
    Affects Versions: 1.1.0
         Environment: All operating systems
            Reporter: Manoj Khangaonkar


WildcardPermission currently allows "" part in a permission.
This has no real use and can lead to user /programmer errors.

For example:

If instead of File:*:myfile, I accidently create File::myfile

all permission checks will fail as

File::myfile does not imply say File:read:myfile.

Since File::myfile has no meaning, this permission is not securing anything.

File::myfile is broken into the parts "File","","myfile".

Since "" part is unlikely to have any useful meaning, it might be better to throw an IllegalArugmentException if a 
permission has a "" part and prevent user/programmer errors.


--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira