Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Authorization on Every Dispatch Type #11027

Closed
rwinch opened this issue Mar 25, 2022 · 1 comment
Closed

Authorization on Every Dispatch Type #11027

rwinch opened this issue Mar 25, 2022 · 1 comment
Assignees
@marcusdacoregio
Labels
in: web An issue in web modules (web, webmvc) type: breaks-passivity A change that breaks passivity with the previous release type: enhancement A general enhancement
Milestone
6.0.0-M4

Comments

@rwinch
Copy link
Member

rwinch commented Mar 25, 2022
edited
Loading

Currently FilterSecurityInterceptor and AuthorizationFilter only perform authorization checks on the first request. Authorization should be performed on dispatch. We should make it simple to permitAll on other dispatch types for users that do not wish to do this.

NOTE: We may consider only making these changes to AuthorizationFilter rather than FilterSecurityInterceptor since we are moving towards using AuthorizationManager rather than the old authorization APIs.

Related gh-10919
@rwinch rwinch added in: web An issue in web modules (web, webmvc) type: enhancement A general enhancement type: breaks-passivity A change that breaks passivity with the previous release labels Mar 25, 2022
@rwinch rwinch added this to the 6.0.0-M4 milestone Mar 25, 2022
@marcusdacoregio marcusdacoregio self-assigned this Apr 5, 2022
This was referenced Apr 11, 2022
Closed
Closed
Closed
@marcusdacoregio
Copy link
Contributor

Fixed via #11107

@marcusdacoregio marcusdacoregio mentioned this issue Jul 26, 2022
Closed
This was referenced Nov 9, 2022
Closed
Closed
Closed
This was referenced Nov 18, 2022
Closed
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@marcusdacoregio marcusdacoregio

Labels
in: web An issue in web modules (web, webmvc) type: breaks-passivity A change that breaks passivity with the previous release type: enhancement A general enhancement
Projects
None yet
Milestone
6.0.0-M4
Development

No branches or pull requests
2 participants
@rwinch @marcusdacoregio