[jboss-user] [JBoss Seam] - Handling of exception from @RolesAllowed failure
do-not-reply at jboss.com
Fri Oct 20 18:55:55 EDT 2006
Configuration: JBoss 4.0.4GA, Seam 1.0.1, MyFaces 1.1.3 with Facelets. The app itself is working fine.
I added an @RolesAllowed annotation to a stateless session bean and tried clicking the button that invokes that action (using a user who doesn't have that Role).
As expected, it throws "SecurityException", which is caught by org.jboss.ejb3.security.RoleBasedAuthorizationInterceptor and wrapped with "EJBAccessException".
I created my own interceptor to try to catch this exception and return a JSF page name to tell the user that they don't have permission.
Sadly, even when I catch throwable in my interceptor, the exception seems to go straight by and ends up kicking out a "javax.faces.el.EvaluationException" from MyFaces.
Some extra information:
1. I tried single stepping in the debugger, and saw my interceptor invoked. When I executed "invocation.proceed()", it never reached my "catch" clause.
2. I tried putting my interceptor before the SeamInterceptor and also after it (last in the list), with no effect.
Let me know if I should attach some code.
The simple question I have (I'm a novice with many things, including JAAS configuration) is, how do I configure the desitation page for this type of permission problem, or how do I catch the exception before it reaches JSF?
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3979756#3979756
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3979756
More information about the jboss-user