Introduction
I recently stumbled over the following code in our codebase:
```java
// Security flaw!
// Spring's @Cacheable: the returned value is stored under a key derived
// from the method parameters only, here just the contractId.
@Cacheable("permissionsOnContracts")
public boolean isAllowedToRead(ContractId contractId) {
    return expensiveOperationOrRemoteCall(contractId);
}
```
The intent of the `@Cacheable` annotation was obviously to reduce the number of calls to #expensiveOperationOrRemoteCall, which makes sense in a way, especially when #isAllowedToRead is called often. Note that #expensiveOperationOrRemoteCall determines the calling user internally by itself (e.g. via the SecurityContext, an OAuth2 token, …), so the user is not part of the method's parameters and therefore not part of the cache key.
It also introduces a severe security problem.
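The failure mode in runnable form, as an added example that is not code from the original post: a plain map stands in for the `@Cacheable` store, and the user names, the ACL and the explicit `currentUser` parameter are constructed stand-ins for what the real check resolves from the SecurityContext. It contrasts the contractId-only key with a key that includes the principal.

```java
import java.util.HashMap;
import java.util.Map;
import java.util.Set;

public class CachedPermissionDemo {

    // Constructed ACL: which user may read which contract.
    private static final Map<String, Set<Integer>> ACL = Map.of(
        "alice", Set.of(42),
        "bob", Set.of()
    );

    // Stand-in for the expensive check; currentUser is passed explicitly here
    // only so the simulation can see it (the original resolves it internally).
    static boolean expensiveOperationOrRemoteCall(String currentUser, int contractId) {
        return ACL.getOrDefault(currentUser, Set.of()).contains(contractId);
    }

    // Vulnerable: cache key = contractId only, like @Cacheable("permissionsOnContracts").
    // Whoever asks first about a contract decides the answer for everyone after them.
    private final Map<Integer, Boolean> byContract = new HashMap<>();

    boolean isAllowedToReadVulnerable(String currentUser, int contractId) {
        return byContract.computeIfAbsent(contractId,
            id -> expensiveOperationOrRemoteCall(currentUser, id));
    }

    // Mitigation: make the principal part of the key (in Spring, e.g. via the
    // annotation's key attribute), so a cached decision is only reused by
    // the user it was computed for.
    private final Map<String, Boolean> byUserAndContract = new HashMap<>();

    boolean isAllowedToReadFixed(String currentUser, int contractId) {
        return byUserAndContract.computeIfAbsent(currentUser + ":" + contractId,
            k -> expensiveOperationOrRemoteCall(currentUser, contractId));
    }

    public static void main(String[] args) {
        CachedPermissionDemo demo = new CachedPermissionDemo();
        // alice populates the cache for contract 42; bob, who has no access,
        // then receives alice's cached decision from the vulnerable variant.
        System.out.println("vulnerable, alice: " + demo.isAllowedToReadVulnerable("alice", 42));
        System.out.println("vulnerable, bob:   " + demo.isAllowedToReadVulnerable("bob", 42));
        // With the principal in the key, bob's own decision is computed.
        System.out.println("fixed, alice:      " + demo.isAllowedToReadFixed("alice", 42));
        System.out.println("fixed, bob:        " + demo.isAllowedToReadFixed("bob", 42));
    }
}
```

Note that the same cross-user reuse happens in the opposite direction too: a denied first caller would block every later caller until the entry expires or is evicted.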