Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Already on GitHub? Sign in to your account

SEC-863: hierarchical roles should use the interface GrantedAuthority #1118

spring-issuemaster opened this Issue Jun 2, 2008 · 2 comments


None yet
1 participant

Matthias Koch(Migrated from SEC-863) said:

for using a own implementation of GrantedAuthority,

RoleHierarchyImpl should be changed to use the interface GrantedAuthority with getAuthority() to insert and lookup the keys.

otherwise all own implementations of GrantedAuthority will not work with hierarchical roles.

thank you verry much

mfg Gideon

Georgy Bolyuba said:

This should fix the problem the way I see it. We cannot work with collections directly, so, I wrap calls to reachableRoles.add() and rolesReachableInOneOrMoreSteps.get(). First a search by authority key is done.

This will work as far as implementation of AccessDecisionVoter does only key (aka authority.getAuthority() ) comparison and does not care about class of GrantedAuthority implementation passed to it.

Luke Taylor said:

Thanks a lot for the patch. I've applied it as it stands with the exception that I used an anonymous class instead of a custom mock GrantedAuthority implementation. Tests pass OK.

@spring-issuemaster spring-issuemaster added this to the 3.0.0 M1 milestone Feb 5, 2016

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment