To follow up on this. I just noticed the pull request from Laszlo. Thanks!
https://github.com/apache/shiro/pull/54 Can you open a JIRA as well, that way we can track this in the release notes? On Tue, Dec 27, 2016 at 3:31 PM, Laszlo Hornyak <[email protected]> wrote: > Hi Tamas, > > Nice to meet you on this list :) > > That indeed is the reason why the type-annotations were ignored and by > replacing the AuthorizationAttributeSourceAdvisor with a custom one I > have worked around the problem, but I am still wondering if this is the > intended behavior or this is a bug. > > Basically this is the workaround: > override fun matches(method: Method, targetClass: Class<*>): Boolean > = > super.matches(method, targetClass) > || securityAnnotations.any { > AnnotationUtils.findAnnotation(targetClass, > it) != null } > > and then one has to replace the AuthorizationAttributeSourceAdvisor in > the spring context. > > Best regards, > Laszlo > >
