[
https://issues.apache.org/jira/browse/SHIRO-130?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12805940#action_12805940
]
Les Hazlewood commented on SHIRO-130:
-------------------------------------
I think that's a good idea - interfaces are so much better than instanceof
checks (yuck)
> ShiroFilter does not work with proxied security manager
> -------------------------------------------------------
>
> Key: SHIRO-130
> URL: https://issues.apache.org/jira/browse/SHIRO-130
> Project: Shiro
> Issue Type: Bug
> Components: Web
> Affects Versions: 1.0
> Reporter: Peter Ledbrook
> Fix For: 1.0
>
>
> The {{ShiroFilter.isHttpSessions()}} method does an {{instanceof}} check on
> the security manager, checking whether it's an instance of
> {{DefaultWebSecurityManager}}.
> This doesn't work when the security manager is a JDK proxy to a
> {{DefaultWebSecurityManager}} because the proxy implements the
> {{SecurityManager}} interface, which doesn't have the {{isHttpSessions()}}
> method.
> Perhaps we should have a {{WebSecurityManager}} interface with the
> {{isHttpSessions()}} method defined on it?
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
