[ https://issues.apache.org/jira/browse/WICKET-3240?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Martin Grigorov resolved WICKET-3240. ------------------------------------- Resolution: Fixed Fix Version/s: 1.5-M4 Improved with r1049093. Thanks for reviewing the code, Richard! > AnnotationsRoleAuthorizationStrategy isInstantiationAuthorized > package==false, class==true returns true > ------------------------------------------------------------------------------------------------------- > > Key: WICKET-3240 > URL: https://issues.apache.org/jira/browse/WICKET-3240 > Project: Wicket > Issue Type: Improvement > Components: wicket-auth-roles > Affects Versions: 1.5-M3 > Environment: all > Reporter: Richard Emberson > Assignee: Martin Grigorov > Priority: Trivial > Fix For: 1.5-M4 > > > In the class AnnotationsRoleAuthorizationStrategy's > isInstantiationAuthorized method if > the package authorization is false but the class authorization is true, then > the user > will be authorized. > Maybe, check the class authorization only if the authorized variable is true. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.