Benjamin Marwell created SHIRO-752:
--------------------------------------
Summary: Unnecessary realm checks in ModularRealmAuthorizer
Key: SHIRO-752
URL: https://issues.apache.org/jira/browse/SHIRO-752
Project: Shiro
Issue Type: Improvement
Components: Authorization (access control)
Affects Versions: 1.5.2
Reporter: Benjamin Marwell
h2. Problem description
`public boolean[] isPermitted(PrincipalCollection principals, List<Permission>
permissions)` will check every realm for every permission and does not short
circuit.
{code:java}
if (permissions != null && permissions.length > 0) {
boolean[] isPermitted = new boolean[permissions.length];
for (int i = 0; i < permissions.length; i++) {
isPermitted[i] = isPermitted(principals, permissions[i]);
}
return isPermitted;
}
return new boolean[0];{code}
h2. Expected outcome
Check realm-by-realm, and only those permissions which are not already true
h2. Actual outcome
Each realm is checked anyway.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
