Leo Breuss [https://community.jboss.org/people/lbreuss] created the discussion "EJBAccessException leads to HTTP status code 500" To view the discussion, visit: https://community.jboss.org/message/756623#756623 -------------------------------------------------------------- Hi My web service client (e.g. soapUI) receives a HTTP status code 500 when the authenticated user is not authorized to call a method on an EJB (the user is lacking the required role). I would have expected a 4xx code, e.g. 403 Forbidden (or 403 Method Not Allowed). IMHO, 500 Internal Server error is not appropriate in that case. Am I to catch the exception and transform it to a 403 response? How would I do that? regards Leo -------------------------------------------------------------- Reply to this message by going to Community [https://community.jboss.org/message/756623#756623] Start a new discussion in JBoss Web Services at Community [https://community.jboss.org/choose-container!input.jspa?contentType=1&...]