[
https://issues.apache.org/jira/browse/DELTASPIKE-636?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14028290#comment-14028290
]
Gerhard Petracek edited comment on DELTASPIKE-636 at 6/11/14 8:39 PM:
----------------------------------------------------------------------
@thomas:
besides that detail (just done to be sure that a potential change in
exception-control won't break the security module), we have to think about the
usage of the api.
usually a handled event (without the call of e.g. ExceptionEvent#throwOriginal)
means that the exception is consumed and everything continues as usual.
using the result of the api differently might confuse users, however, just
continuing in this special case is also not that nice.
was (Author: gpetracek):
@thomas:
besides that detail, we have to think about the usage of the api.
usually a handled event (without the call of e.g. ExceptionEvent#throwOriginal)
means that the exception is consumed and everything continues as usual.
using the result of the api differently might confuse users, however, just
continuing in this special case is also not that nice.
> @Secures should trigger the ds-exception-handler
> ------------------------------------------------
>
> Key: DELTASPIKE-636
> URL: https://issues.apache.org/jira/browse/DELTASPIKE-636
> Project: DeltaSpike
> Issue Type: Improvement
> Components: Security-Module
> Affects Versions: 0.7
> Reporter: Pedro Igor
> Assignee: Gerhard Petracek
> Priority: Minor
> Fix For: 1.0.0
>
> Attachments: AccessDeniedExceptionHandling.patch, DELTASPIKE-636.patch
>
>
> When using @Secures, if a validation fails the AccessDeniedException is
> thrown without letting the application to handle it properly. This ends up
> printing the stack trace on the logs.
> Ideally, users should be able to handle this exception before propagating it.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
