[
https://issues.apache.org/jira/browse/SHIRO-237?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12992240#comment-12992240
]
Les Hazlewood commented on SHIRO-237:
-------------------------------------
I agree - #2 is the preferred solution IMO. It will be easy to refactor the
other non-default constructors to ensure that they also do the same thing as
the no-arg constructor. Thanks for pointing this out!
> nullpointer error at permission check when no permissionresolver is set
> -----------------------------------------------------------------------
>
> Key: SHIRO-237
> URL: https://issues.apache.org/jira/browse/SHIRO-237
> Project: Shiro
> Issue Type: Bug
> Components: Realms
> Affects Versions: 1.1.0
> Environment: all
> Reporter: Korbinian Bachl
> Assignee: Kalle Korhonen
> Priority: Critical
>
> in class AuthorizingRealm, the isPermitted( ... checks never look if the the
> permissionResolver are set but allways will query them in case a permission
> reqeust os asked for.
> Solutions:
> 1. catch empty/ null permissionResolver in Authorizingrealm
> 2. force that all derived AuthorizingRealms have a permissionResolver by
> making this required in the constructor
> 3. defaultset the current only implementation (WildcardPermissionResolver)
> into the getPermissionResolver method so either this one is used or it has to
> be overwritten
> I would suggest 2. as its most clean and will fail/ force to be cared with at
> compiletime already.
> PS: this is the issue described in my mailing to list
> http://mail-archives.apache.org/mod_mbox/shiro-user/201012.mbox/browser
--
This message is automatically generated by JIRA.
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
