[ https://issues.apache.org/jira/browse/SHIRO-741?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Francois Papon closed SHIRO-741. -------------------------------- Fix Version/s: 1.5.1 Resolution: Fixed > Matching of / (root) is broken > ------------------------------ > > Key: SHIRO-741 > URL: https://issues.apache.org/jira/browse/SHIRO-741 > Project: Shiro > Issue Type: Bug > Components: Web > Affects Versions: 1.5.0 > Reporter: Emond Papegaaij > Priority: Major > Fix For: 1.5.1 > > > Since SHIRO-682 it is no longer possible match the root of your application > with /** . A request at / is transformed into an empty URI and no longer > matches /**. This makes it impossible to secure your entire application and > provide a whitelist for allowed urls, like this: > {code} > [urls] > /rest/v1/openapi.* = noSessionCreation,anon > /rest/v1/info = noSessionCreation,anon > /** = noSessionCreation,oauth2,oauth,secured > {code} > So far, I've found no way to match the root in 1.5. -- This message was sent by Atlassian Jira (v8.3.4#803005)