spring-security icon indicating copy to clipboard operation
spring-security copied to clipboard
verified publisher icon spring-projects

On Abstain Access Should be Denied

Open rwinch opened this issue 3 years ago • 0 comments

We should look in every location and require that if an authorization manager abstained, then access should be denied. One option is that if the AuthorizationResult is null, then deny access. Another option is to require AuthorizationResult to be non-null going forward.

This depends on:

  • [x] #11958
  • [x] #11967

rwinch avatar Mar 08 '22 21:03 rwinch