Eclipse
/
jetty.project
mirror of https://github.com/jetty/jetty.project.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Issue #9745 Role * wins over specific roles (#9757)

This commit is contained in:
Jan Bartel 2023-05-12 17:13:57 +02:00 committed by GitHub
parent b16660388f
commit 87a430d148
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 5 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
jetty-ee10/jetty-ee10-webapp/src/main/java/org/eclipse/jetty/ee10/webapp/StandardDescriptorProcessor.java
View File

@ -1312,7 +1312,11 @@ public class StandardDescriptorProcessor extends IterativeDescriptorProcessor
{ {
case ConstraintSecurityHandler.ANY_KNOWN_ROLE -> // "*" case ConstraintSecurityHandler.ANY_KNOWN_ROLE -> // "*"
{ {
if (scBase.getAuthorization() == null) //The hierarchy of role authorizations is:
// ANY_USER
// KNOWN_ROLE
// SPECIFIC_ROLE
if (scBase.getAuthorization() != Constraint.Authorization.ANY_USER)
{ {
scBase.authorization(Constraint.Authorization.KNOWN_ROLE); scBase.authorization(Constraint.Authorization.KNOWN_ROLE);
roles = null; roles = null;