The hasAccessToWebResource method is intended to be aligned with the WebResourcePermission, which is already mentioned in Javadoc. It interprets an empty list of HTTP methods as "all HTTP methods". So this PR clarifies that access to all HTTP methods is required if no method is provided as an argument.
This aligns the hasAccessToWebResource Javadoc with how it was intended to work and how it's covered by the TCK tests, as clarified by @arjantijms in https://github.com/jakartaee/security/pull/266#issuecomment-1219707736.
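The semantics described in this PR, as an added example that is not part of the PR or of any Jakarta Security implementation: a simplified, self-contained model of how an empty HTTP-method list is read as "all HTTP methods" when a requested method list is checked against a granted one. `MethodSet`, `hasAccess` and the sample grants are hypothetical names and constructed values; the real check goes through `WebResourcePermission`, which also supports forms not modelled here.

```java
import java.util.Set;

// Simplified model (an assumption for illustration) of how an HTTP-method list
// is interpreted: an empty list stands for "all HTTP methods".
public class MethodSetDemo {

    // Hypothetical stand-in for the method part of a web resource permission.
    record MethodSet(Set<String> methods) {
        static MethodSet of(String... methods) {
            return new MethodSet(Set.of(methods));
        }

        boolean isAll() {
            return methods.isEmpty();
        }

        // True when every method in 'requested' is covered by this grant.
        boolean implies(MethodSet requested) {
            if (isAll()) {
                return true;               // the grant covers every method
            }
            if (requested.isAll()) {
                return false;              // caller asks for all, grant is a finite list
            }
            return methods.containsAll(requested.methods());
        }
    }

    // Models hasAccessToWebResource(resource, methods...) for a single resource.
    static boolean hasAccess(MethodSet granted, String... methods) {
        return granted.implies(MethodSet.of(methods));
    }

    public static void main(String[] args) {
        MethodSet readOnly = MethodSet.of("GET", "HEAD"); // constructed sample grant
        MethodSet full = MethodSet.of();                  // empty list = all methods

        System.out.println(hasAccess(readOnly, "GET"));          // one granted method
        System.out.println(hasAccess(readOnly, "GET", "POST"));  // POST is not granted
        System.out.println(hasAccess(readOnly));                 // no argument = all methods
        System.out.println(hasAccess(full));                     // all requested, all granted
    }
}
```

In this model a caller with a read-only grant is refused by the no-argument call, so code that only needs to know whether a page can be fetched should pass `"GET"` explicitly.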