Uploaded image for project: 'Shiro'
  1. Shiro
  2. SHIRO-237

nullpointer error at permission check when no permissionresolver is set

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Critical
    • Resolution: Fixed
    • 1.1.0
    • 1.2.0
    • Realms
    • None
    • all

    Description

      in class AuthorizingRealm, the isPermitted( ... checks never look if the the permissionResolver are set but allways will query them in case a permission reqeust os asked for.

      Solutions:
      1. catch empty/ null permissionResolver in Authorizingrealm
      2. force that all derived AuthorizingRealms have a permissionResolver by making this required in the constructor
      3. defaultset the current only implementation (WildcardPermissionResolver) into the getPermissionResolver method so either this one is used or it has to be overwritten

      I would suggest 2. as its most clean and will fail/ force to be cared with at compiletime already.

      PS: this is the issue described in my mailing to list
      http://mail-archives.apache.org/mod_mbox/shiro-user/201012.mbox/browser

      Attachments

        Activity

          People

            kaosko Kalle Korhonen
            korbinian Korbinian Bachl
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: