[jboss-jira] [JBoss JIRA] (SECURITY-637) Locators do not actually evaluate Policy Targets (using WrapperPolicyFinderModule)
[
https://issues.jboss.org/browse/SECURITY-637?page=com.atlassian.jira.plug...
]
Dan Gradl commented on SECURITY-637:
------------------------------------
If I go ahead and modify WrapperPolicyFinderModule to do a proper evaluation of the
targets... it is possible that people have written policies without giving consideration
to target because of this, and therefore may need to modify their policies when taking the
new version of this. Any concerns?
Locators do not actually evaluate Policy Targets (using
WrapperPolicyFinderModule)
----------------------------------------------------------------------------------
Key: SECURITY-637
URL: https://issues.jboss.org/browse/SECURITY-637
Project: PicketBox (JBoss Security and Identity Management)
Issue Type: Bug
Security Level: Public(Everyone can see)
Components: JBossXACML
Reporter: Dan Gradl
Assignee: Dan Gradl
The PolicyLocator and PolicySetLocator hold policies in a WrapperPolicyFinderModule,
which always returns the policy when the evaluate method is called... the target is not
actually evaluated. Compare to the SunXACML StaticPolicyFinderModule.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira