[
https://jira.jboss.org/jira/browse/SECURITY-460?page=com.atlassian.jira.p...
]
Stefan Guilhen closed SECURITY-460.
-----------------------------------
Resolution: Done
A new configuration property has been added to ACLProviderImpl: checkParentACL. When this
property is set to true, the isAccessGranted method behaves just like the getEntitlements
method - that is, if the ACL for a specific resource can't be found, the method
recursively checks if the parent resource (if any) has an associated ACL until an ACL is
found or until it reaches the root of the resource tree.
ACLProviderImpl getEntitlements and isAccessGranted methods don't
have consistent behavior
------------------------------------------------------------------------------------------
Key: SECURITY-460
URL:
https://jira.jboss.org/jira/browse/SECURITY-460
Project: JBoss Security and Identity Management
Issue Type: Bug
Security Level: Public(Everyone can see)
Components: ACL
Affects Versions: JBossSecurity_2.0.4.SP3
Reporter: Stefan Guilhen
Assignee: Stefan Guilhen
Fix For: JBossSecurity_2.0.4.SP4
The getEntitlements method checks for parent resources ACLs when the ACL for an specific
resource is not found. The isAccessGranted method throws and exception when an ACL
can't be found which is inconsistent with the behaviour of the getEntitlements method.
This method needs to be fixed to look for parent resources ACLs in this situation.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira