James Chaplin created WW-5012:
---------------------------------
Summary: Make a public state check the first acceptance check in
SecurityMemberAccess
Key: WW-5012
URL: https://issues.apache.org/jira/browse/WW-5012
Project: Struts 2
Issue Type: Improvement
Components: Core
Affects Versions: 2.5.20
Environment: All environments.
Reporter: James Chaplin
Fix For: 2.5.21, 2.6
During discussion for WW-5004, a recommendation was made by two Apache Struts
Team members to adjust the sequence of calls in the SecurityMemberAccess module.
The recommendation was to make the member's public state check (e.g.
checkPublicMemberAccess()) the absolute first check made during acceptance
checks).
This improvement would look at implementing this change for the access check
ordering, and any minor enhancements that are applicable to the ordering change.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
