Affects Version/s: None
Fix Version/s: 3.0.0 M1
I am using "org.springframework.security.vote.UnanimousBased" with follwoing voters
and have the following constraint on a method say 'getName'
getName = ROLE_ONE, ROLE_TWO, CUSTOM_ADMIN, CUSTOM_READ
I am logged as a User with ROLE_TWO and CUSTOM_ADMIN permission. But I get Access denied because Role Voter fails after it finds out that I do not have ROLE_ONE and does not check for ROLE_TWO instead throws Access Denied.