You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@shiro.apache.org by "Peter Ledbrook (JIRA)" <ji...@apache.org> on 2010/02/01 10:29:51 UTC

[jira] Assigned: (SHIRO-130) ShiroFilter does not work with proxied security manager

     [ https://issues.apache.org/jira/browse/SHIRO-130?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Peter Ledbrook reassigned SHIRO-130:
------------------------------------

    Assignee: Peter Ledbrook

> ShiroFilter does not work with proxied security manager
> -------------------------------------------------------
>
>                 Key: SHIRO-130
>                 URL: https://issues.apache.org/jira/browse/SHIRO-130
>             Project: Shiro
>          Issue Type: Bug
>          Components: Web
>    Affects Versions: 1.0
>            Reporter: Peter Ledbrook
>            Assignee: Peter Ledbrook
>             Fix For: 1.0
>
>
> The {{ShiroFilter.isHttpSessions()}} method does an {{instanceof}} check on the security manager, checking whether it's an instance of {{DefaultWebSecurityManager}}.
> This doesn't work when the security manager is a JDK proxy to a {{DefaultWebSecurityManager}} because the proxy implements the {{SecurityManager}} interface, which doesn't have the {{isHttpSessions()}} method.
> Perhaps we should have a {{WebSecurityManager}} interface with the {{isHttpSessions()}} method defined on it?

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.