[
https://issues.apache.org/jira/browse/SHIRO-743?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17091231#comment-17091231
]
Chris Poulsen commented on SHIRO-743:
-
I've decided to remove shiro from our stack, so
[
https://issues.apache.org/jira/browse/SHIRO-760?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
cl0und updated SHIRO-760:
-
Description:
I found that shiroFilter's access control can be bypassed through tomcat ajp
protocol。
{code:java}
@
[
https://issues.apache.org/jira/browse/SHIRO-760?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17091033#comment-17091033
]
cl0und commented on SHIRO-760:
--
Thank you. I have sent the report to secur...@shiro.apache.or
[
https://issues.apache.org/jira/browse/SHIRO-760?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17090806#comment-17090806
]
Brian Demers commented on SHIRO-760:
[~cl0und] Please report security-related issues o
[
https://issues.apache.org/jira/browse/SHIRO-760?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
cl0und updated SHIRO-760:
-
Description:
I found that shiroFilter's access control can be bypassed through tomcat ajp
protocol。
{code:java}
@
cl0und created SHIRO-760:
Summary: Bypass shiroFilter ACL
Key: SHIRO-760
URL: https://issues.apache.org/jira/browse/SHIRO-760
Project: Shiro
Issue Type: Bug
Components: Authorization (acces
[
https://issues.apache.org/jira/browse/SHIRO-743?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17090657#comment-17090657
]
Brian Demers commented on SHIRO-743:
[~chrispoulsen] Can you put together a simple exa
[
https://issues.apache.org/jira/browse/SHIRO-743?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17090338#comment-17090338
]
Chris Poulsen commented on SHIRO-743:
-
I'm currently trying to fix an issue that seems
