You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by dk...@apache.org on 2012/05/04 19:48:39 UTC

svn commit: r1334087 - in /cxf/branches/2.5.x-fixes/rt/core/src/main/java/org/apache/cxf/interceptor/security: SecureAnnotationsInterceptor.java SimpleAuthorizingInterceptor.java

Author: dkulp
Date: Fri May  4 17:48:39 2012
New Revision: 1334087

URL: http://svn.apache.org/viewvc?rev=1334087&view=rev
Log:
Merged revisions 1334084 via  git cherry-pick from
https://svn.apache.org/repos/asf/cxf/trunk

........
  r1334084 | dkulp | 2012-05-04 13:46:29 -0400 (Fri, 04 May 2012) | 2 lines

  [CXF-4288] Consider the full signature when mapping methods to roles

........

Modified:
    cxf/branches/2.5.x-fixes/rt/core/src/main/java/org/apache/cxf/interceptor/security/SecureAnnotationsInterceptor.java
    cxf/branches/2.5.x-fixes/rt/core/src/main/java/org/apache/cxf/interceptor/security/SimpleAuthorizingInterceptor.java

Modified: cxf/branches/2.5.x-fixes/rt/core/src/main/java/org/apache/cxf/interceptor/security/SecureAnnotationsInterceptor.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.5.x-fixes/rt/core/src/main/java/org/apache/cxf/interceptor/security/SecureAnnotationsInterceptor.java?rev=1334087&r1=1334086&r2=1334087&view=diff
==============================================================================
--- cxf/branches/2.5.x-fixes/rt/core/src/main/java/org/apache/cxf/interceptor/security/SecureAnnotationsInterceptor.java (original)
+++ cxf/branches/2.5.x-fixes/rt/core/src/main/java/org/apache/cxf/interceptor/security/SecureAnnotationsInterceptor.java Fri May  4 17:48:39 2012
@@ -85,6 +85,7 @@ public class SecureAnnotationsIntercepto
             String theRoles = methodRolesAllowed != null ? methodRolesAllowed : classRolesAllowed;
             if (theRoles != null) {
                 rolesMap.put(m.getName(), theRoles);
+                rolesMap.put(createMethodSig(m), theRoles);
             }
         }
         if (!rolesMap.isEmpty()) {

Modified: cxf/branches/2.5.x-fixes/rt/core/src/main/java/org/apache/cxf/interceptor/security/SimpleAuthorizingInterceptor.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.5.x-fixes/rt/core/src/main/java/org/apache/cxf/interceptor/security/SimpleAuthorizingInterceptor.java?rev=1334087&r1=1334086&r2=1334087&view=diff
==============================================================================
--- cxf/branches/2.5.x-fixes/rt/core/src/main/java/org/apache/cxf/interceptor/security/SimpleAuthorizingInterceptor.java (original)
+++ cxf/branches/2.5.x-fixes/rt/core/src/main/java/org/apache/cxf/interceptor/security/SimpleAuthorizingInterceptor.java Fri May  4 17:48:39 2012
@@ -56,9 +56,27 @@ public class SimpleAuthorizingIntercepto
         }
     }
     
+    protected String createMethodSig(Method method) {
+        StringBuilder b = new StringBuilder(method.getReturnType().getName());
+        b.append(' ').append(method.getName()).append('(');
+        boolean first = true;
+        for (Class<?> cls : method.getParameterTypes()) {
+            if (!first) {
+                b.append(", ");
+                first = false;
+            }
+            b.append(cls.getName());
+        }
+        b.append(')');
+        return b.toString();
+    }
+    
     @Override
     protected List<String> getExpectedRoles(Method method) {
-        List<String> roles = methodRolesMap.get(method.getName());
+        List<String> roles = methodRolesMap.get(createMethodSig(method));
+        if (roles == null) {
+            roles = methodRolesMap.get(method.getName());
+        }
         if (roles != null) {
             return roles;
         }