-
Bug
-
Resolution: Unresolved
-
Medium
-
None
-
None
-
None
-
None
Two issues noticed here...
a. The dynamic authorization filter failed to get loaded.
b. Even after loading it with a workaround, the request if not handed over to the dynamic authorization filter due t the issue AAA-256
Workarounds:
- Shiro fails to load filters with custom name, ODL uses dynamicAuthoriztion as the name of the filter, which fails to load with the current Shiro release. But the filter gets loaded if we use the name "rest", which is pre-defined filter.
- Cookie needs to be disabled to avoid the second problem (workaround for AAA-256)