javax.ejb.EJBAccessException does not contain information about what roles are required anymore ----------------------------------------------------------------------------------------------- Key: JBAS-7324 URL: https://jira.jboss.org/jira/browse/JBAS-7324 Project: JBoss Application Server Issue Type: Feature Request Security Level: Public (Everyone can see) Components: EJB3 Affects Versions: JBossAS-4.2.3.GA Reporter: Marco Schulze Assignee: Carlo de Wolf The SecurityException thrown when accessing EJB2 beans without sufficient permissions contained the information what roles exactly were required. The exception message contained sth. like this: "requiredRoles=[org.nightlabs.jfire.store.seeProductType], principalRoles=[_Guest_]" This was an easily parseable text and we used it to show the user a nice error message with detailed information about what rights he should request from his boss or his administrator. Unfortunately, after we switched to EJB3, the now thrown EJBAccessException does not contain this information anymore. It simply says "Authorization failure" without any details. Please extend org.jboss.ejb3.security.RoleBasedAuthorizationInterceptor to pass the required information (in a parseable form in the exception message). Reference to our issue (with a stack trace and maybe other useful information): https://www.jfire.org/modules/bugs/view.php?id=1292 -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira