[jboss-user] [JBoss Seam] - Handling of exception from @RolesAllowed failure

texan do-not-reply at jboss.com
Fri Oct 20 18:55:55 EDT 2006

Configuration: JBoss 4.0.4GA, Seam 1.0.1, MyFaces 1.1.3 with Facelets.  The app itself is working fine.

I added an @RolesAllowed annotation to a stateless session bean and tried clicking the button that invokes that action (using a user who doesn't have that Role).

As expected, it throws "SecurityException", which is caught by org.jboss.ejb3.security.RoleBasedAuthorizationInterceptor and wrapped with "EJBAccessException".

I created my own interceptor to try to catch this exception and return a JSF page name to tell the user that they don't have permission.

Sadly, even when I catch throwable in my interceptor, the exception seems to go straight by and ends up kicking out a "javax.faces.el.EvaluationException" from MyFaces.

Some extra information:

1. I tried single stepping in the debugger, and saw my interceptor invoked.  When I executed "invocation.proceed()", it never reached my "catch" clause.

2. I tried putting my interceptor before the SeamInterceptor and also after it (last in the list), with no effect.

Let me know if I should attach some code.

The simple question I have (I'm a novice with many things, including JAAS configuration) is, how do I configure the desitation page for this type of permission problem, or how do I catch the exception before it reaches JSF?

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3979756#3979756

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3979756

More information about the jboss-user mailing list