[
https://issues.apache.org/jira/browse/CXF-4288?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Daniel Kulp updated CXF-4288:
-----------------------------
Description: The SecureAnnotationsInterceptor maps the roles into the
method map only based on the method name. If the class in question is using
overloaded methods with different roles for each method, this can result in the
wrong roles being applied to the authorization. The map needs to take into
account the params/returns as well. (was:
The SecureAnnotationsInterceptor maps the roles into the method map only based
on the method name. If the class in question is using overloaded methods with
different roles for each method, this can result in the wrong roles being
applied to the authorization. The map needs to take into account the
params/returns as well.)
Affects Version/s: 2.3.10
2.4.7
2.5.3
Fix Version/s: 2.3.11
2.4.8
2.5.4
> SecureAnnotationsInterceptor maps roles only based on method name
> -----------------------------------------------------------------
>
> Key: CXF-4288
> URL: https://issues.apache.org/jira/browse/CXF-4288
> Project: CXF
> Issue Type: Bug
> Components: Core
> Affects Versions: 2.3.10, 2.4.7, 2.5.3, 2.6
> Reporter: Daniel Kulp
> Assignee: Daniel Kulp
> Fix For: 2.6.1, 2.5.4, 2.4.8, 2.3.11
>
>
> The SecureAnnotationsInterceptor maps the roles into the method map only
> based on the method name. If the class in question is using overloaded
> methods with different roles for each method, this can result in the wrong
> roles being applied to the authorization. The map needs to take into
> account the params/returns as well.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
