Shilpi Das created SHIRO-621:
--------------------------------
Summary: REST filter bypassing matched path
Key: SHIRO-621
URL: https://issues.apache.org/jira/browse/SHIRO-621
Project: Shiro
Issue Type: Bug
Components: Integration: Guice
Affects Versions: 1.4.0-RC2
Environment: Google App Engine
Reporter: Shilpi Das
Assignee: Jared Bunting
The following filter chains are present in configureShiroWeb() function
addFilterChain("/**/first/second/third/**", filterConfig(AUTHC_BASIC),
filterConfig(REST, "X"));
addFilterChain("/**/first/**", filterConfig(AUTHC_BASIC), filterConfig(REST,
"Y"));
When a request is made for an API- example.appspot.com/v1/first/second/third,
the first filter is bypassed and the access is granted for a user with
permission Y and not with X.
I am using Shiro 1.4.0-RC2 version and Guice 3.0
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
