Comma in role in the properties file is not read correctly by the PropertyRealm
-------------------------------------------------------------------------------
Key: SHIRO-101
URL: https://issues.apache.org/jira/browse/SHIRO-101
Project: Shiro
Issue Type: Bug
Components: Configuration
Affects Versions: Incubation
Environment: Ubuntu 8.10, eclipse Galileo
Reporter: Moataz Elmasry
Fix For: Incubation
I had the following the property file.
user.luke=luke,Pilot
role.Pilot=xWing:fly:xxx,yyy
Now supposdly subject.isPermitted("xWing:fly:xxx") and
Subject.isPermitted("xWing:fly:yyy") should both return true. this is not the
case, since the first returns true and the second false. Now lets exchange the
last term as follows: role.Pilot=xWing:fly:yyy,xxx. and make the same calls
again. Now we see the forst returns false and the second returns true. So now
we know that only the first token before the comma is read.
Looking into shiro code in
org.apache.shiro.util.PermissionUtils.toPermissionStrings() which calls in turn
StringUtils.split(permissionString). This function splits the string around the
comma. So from role.Pilot=xWing:fly:xxx,yyy we get two string: xWing:fly:xxx
and yyy. To prove this theory I called Subject.isPermitted("yyy") which
returned true.
My suggestion would be not to call PermissionUtils at all, since its being
called from WildcardPermission which in turn splits the String using * then the
comma afterwards. So it makes no sense splitting the string with the comma two
times, since the second time there would be nothing to split anyway.
Best regards and thanks for your efforts
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
