Details
-
Bug
-
Status: Closed
-
Major
-
Resolution: Fixed
-
1.1.0
-
None
-
None
Description
Currently, the implicit iniRealm processes its role and permissions strings to early. Overriding the permissionResolver and or rolePermissionResolver has no effect.
The realm is constructed by calling
new IniRealm(ini) (IniSecurityManagerFactory.java:254)
This constructor then calls
processDefinition(ini) right away (IniRealm.java:60)
This fills in the roles and users maps in SimpleAccountRealm, but it will use the default permissionResolver to do so because getPermissionResolver() (TextConfigurationRealm.java:144) will return the default instance.
IniRealm should probably not do any initialisation code (processDefinition) before init is called. It overrides onInit() but tests whether the roles and users collections are empty before doing any processing (and it will only initialise if it was constructed with a resourcePath)...