Hello,
I am trying to upgrade from acegi-security 0.9.0 to 1.0.0-RC2.
I had following definition of filterChainProxy in my spring application context:
<bean id="filterChainProxy" class="org.acegisecurity.util.FilterChainProxy">
<property name="filterInvocationDefinitionSource">
<value>
CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
PATTERN_TYPE_APACHE_ANT
/**/*.css=
/**/*.gif=
/**/*.js=
/**/*.png=
/**=httpSessionContextIntegrationFilter,.. (other acegi filters) ...
</value>
</property>
</bean>
Notice that some URLs are declared with empty list of filters. With
acegi 0.9.0 no filters are invoked for defined in such way patterns.
But with 1.0.0-RC2 I've got java.lang.IllegalArgumentException: Failed
to parse a valid name/value pair from /**/*.css=
I checked sources and this is because now value shouldn't be empty:
if(!StringUtils.hasLength(name) ||
!StringUtils.hasLength(value)) {
throw new IllegalArgumentException("Failed to
parse a valid name/value pair from " + line);
}
I think that functionality provided in acegi 0.9.0 was quite useful,
because ant patterns much more flexible then those provided by
servlet-api, so it would be good to restore this behavior - when value
is empty then no filters will be applied to request.
What do you think about it?
Best regards,
Konstantin
--
http://step-inside.org
