Thomas Frühbeck created DELTASPIKE-801: ------------------------------------------
Summary: Security: SecurityParameterValueRedefiner doesnt recognize @Nonbinding Key: DELTASPIKE-801 URL: https://issues.apache.org/jira/browse/DELTASPIKE-801 Project: DeltaSpike Issue Type: Bug Components: Security-Module Affects Versions: 1.2.0 Environment: Wildfly 8.1.0.Final / JSF / DeltaSpike Reporter: Thomas Frühbeck According specification @Nonbinding annotation desingates properties of annotations to be ignored when checking for equality. Nevertheless I get a missing parameter binding exception in following situation: Exception: java.lang.IllegalStateException: Missing required security parameter binding [@at.telekom.sms.web.security.AuthorizedParam(action=UPDATE)] on method invocation [net.a1.csms.jsf.GroupBean.setCsmsGroup(class at.telekom.sms.persistence.entities.SmsLists)] Binding Annotaiton: @SecurityParameterBinding @Target({ TYPE, METHOD, FIELD, PARAMETER }) @Retention(RUNTIME) public @interface AuthorizedParam { @Nonbinding Action action() default Action.UPDATE; } Authorizer: public class MssmsAuthorizer { @Secures @Authorized public boolean authorized(InvocationContext ctx, @LoggedIn MssmsUser mssmsUser, @AuthorizedParam SmsLists smsList) { return doAuthorize(ctx, mssmsUser, smsList); } } Annotated Bean method: { @Authorized @OpenTransactionProvided(rollbackOnly=true) public void setCsmsGroup(@AuthorizedParam(action=Action.READ) final SmsLists newGroup) { ... } } -- This message was sent by Atlassian JIRA (v6.3.4#6332)