You are viewing a plain text version of this content. The canonical link for it is here.
Posted to scm@geronimo.apache.org by xu...@apache.org on 2010/08/13 12:05:13 UTC
svn commit: r985149 -
/geronimo/server/trunk/plugins/j2ee/geronimo-web/src/main/java/org/apache/geronimo/web/security/SpecSecurityBuilder.java
Author: xuhaihong
Date: Fri Aug 13 10:05:12 2010
New Revision: 985149
URL: http://svn.apache.org/viewvc?rev=985149&view=rev
Log:
Do not create AuthConstraint object while roles is empty and PermitAll is configured
Modified:
geronimo/server/trunk/plugins/j2ee/geronimo-web/src/main/java/org/apache/geronimo/web/security/SpecSecurityBuilder.java
Modified: geronimo/server/trunk/plugins/j2ee/geronimo-web/src/main/java/org/apache/geronimo/web/security/SpecSecurityBuilder.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/j2ee/geronimo-web/src/main/java/org/apache/geronimo/web/security/SpecSecurityBuilder.java?rev=985149&r1=985148&r2=985149&view=diff
==============================================================================
--- geronimo/server/trunk/plugins/j2ee/geronimo-web/src/main/java/org/apache/geronimo/web/security/SpecSecurityBuilder.java (original)
+++ geronimo/server/trunk/plugins/j2ee/geronimo-web/src/main/java/org/apache/geronimo/web/security/SpecSecurityBuilder.java Fri Aug 13 10:05:12 2010
@@ -510,7 +510,8 @@ public class SpecSecurityBuilder {
}
if (emptyRoleSemantic.equals(ServletSecurity.EmptyRoleSemantic.DENY)) {
securityConstraint.setAuthConstraint(new AuthConstraint());
- } else {
+ } else if (rolesAllowed.length > 0) {
+ //When rolesAllowed.length == 0 and emptyRoleSemantic.equals(ServletSecurity.EmptyRoleSemantic.PERMIT), no need to create the AuthConstraint object, as it means deny all
AuthConstraint authConstraint = new AuthConstraint();
for (String roleAllowed : rolesAllowed) {
authConstraint.getRoleName().add(roleAllowed);