Author: shane.bryzak(a)jboss.com
Date: 2008-04-11 03:46:12 -0400 (Fri, 11 Apr 2008)
New Revision: 7904
Modified:
trunk/src/main/org/jboss/seam/security/Identity.java
Log:
raise notAuthorized event for failed role/permission checks when user is authenticated
Modified: trunk/src/main/org/jboss/seam/security/Identity.java
===================================================================
--- trunk/src/main/org/jboss/seam/security/Identity.java 2008-04-11 05:17:52 UTC (rev
7903)
+++ trunk/src/main/org/jboss/seam/security/Identity.java 2008-04-11 07:46:12 UTC (rev
7904)
@@ -481,6 +481,7 @@
}
else
{
+ if (Events.exists()) Events.instance().raiseEvent(EVENT_NOT_AUTHORIZED);
throw new AuthorizationException(String.format(
"Authorization check failed for role [%s]", role));
}
@@ -509,6 +510,7 @@
}
else
{
+ if (Events.exists()) Events.instance().raiseEvent(EVENT_NOT_AUTHORIZED);
throw new AuthorizationException(String.format(
"Authorization check failed for permission [%s,%s]", name,
action));
}
@@ -528,6 +530,7 @@
}
else
{
+ if (Events.exists()) Events.instance().raiseEvent(EVENT_NOT_AUTHORIZED);
throw new AuthorizationException(String.format(
"Authorization check failed for permission[%s,%s]", target,
action));
}