-
Notifications
You must be signed in to change notification settings - Fork 5.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
5.8.12: @Secured annotation on subclasses is not read by SecuredAuthorizationManager when method in superclass was called #15002
Comments
@artem103, I'm interested in addressing this issue. Could you assign it to me, please? |
@abimael-turing seems I can not assign it, probably I have no priveleges to do that |
@artem103 No problem, I've already started working on it and I'll submit a pull request ASAP. |
…subclasses when a method in the superclass is called. closes the issue spring-projects#15002
…subclasses when a method in the superclass is called. Format the code and closes the issue spring-projects#15002
@artem103 and @spring-projects-issues, I completed the pull request, but the build is failing on GitHub due to deprecated Gradle features, which are incompatible with Gradle 8.0. |
If I have 2 classes,
and when I call service.doSmth(), security is not applied, because method org.springframework.security.authorization.method.SecuredAuthorizationManager.SecuredAuthorizationManagerRegistry#findSecuredAnnotation will try to get annotation of AbstractService, not of Service.
See the 6 version of this method https://github.com/spring-projects/spring-security/blob/main/core/src/main/java/org/springframework/security/authorization/method/SecuredAuthorizationManager.java
This bug was fixed there.
The text was updated successfully, but these errors were encountered: