Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

in memory user authorities() overrides roles() [SWS-1061] #1127

Open
gregturn opened this issue Mar 15, 2019 · 0 comments
Open

in memory user authorities() overrides roles() [SWS-1061] #1127

gregturn opened this issue Mar 15, 2019 · 0 comments

Comments

@gregturn
Copy link
Member

@gregturn gregturn commented Mar 15, 2019

Vadim Palnikov opened SWS-1061 and commented

 

SecurityConfiguration extends WebSecurityConfigurerAdapter

configure(AuthenticationManagerBuilder builder)

inMemoryAuthentication()

.roles(SOME_ROLE)

.authorities(ADDITIONAL_AUTHORITIES)

 

calling authorities() after adding roles using roles() will override the previously added roles

in org.springframework.security.config.annotation.authentication.configurers.provisioning.UserDetailsManagerConfigurer

each call to authorities() or roles() will override previously added authorities

 

BUG FIX:

each additional call should ADD to the previously added authorities


No further details from SWS-1061

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
1 participant
You can’t perform that action at this time.