[jbossseam-issues] [JBoss JIRA] Commented: (JBSEAM-1279) use ExceptionFilter in Remoting
Keith Naas (JIRA)
jira-events at lists.jboss.org
Mon Mar 10 12:23:57 EDT 2008
[ http://jira.jboss.com/jira/browse/JBSEAM-1279?page=comments#action_12401984 ]
Keith Naas commented on JBSEAM-1279:
The ExceptionFilter doesn't have to only be for JSF requests :)
Even if the ExceptionFilter is not used, something could be changed so that the right Http Status Codes are returned to the browser. For instance, instead of receiving no content with an Http 200 response, one would get 403 for NotAuthorized and 401 for NotLoggedIn?
> use ExceptionFilter in Remoting
> Key: JBSEAM-1279
> URL: http://jira.jboss.com/jira/browse/JBSEAM-1279
> Project: JBoss Seam
> Issue Type: Feature Request
> Components: Remoting
> Affects Versions: 1.2.1.GA
> Reporter: Keith Naas
> Assigned To: Shane Bryzak
> Currently, the Remoting resource class swallows all exceptions. Because of this, it is not possible to gracefully handle security restrictions in WebRemote methods from the client.
> Two ideas:
> # Simply bubble the Exception all the way up through the ResourceServlet. If the ResourceServlet throws the exception, the ExceptionFilter should pick up on it. The XHR would then receive the proper error code as defined in the pages.xml and could properly redirect the user to the correct login page.
> # Have the ResourceServlet trap for NotLoggedInException's or NotAuthorizedException's and return the respective HTTP status code. The XHR would then receive the error code and be able to redirect the user to the correct login page.
This message is automatically generated by JIRA.
If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the seam-issues