when method is unauthorized, please include method info in stack trace
----------------------------------------------------------------------
Key: SHIRO-243
URL: https://issues.apache.org/jira/browse/SHIRO-243
Project: Shiro
Issue Type: Improvement
Reporter: Jim Newsham
Priority: Minor
We are using Shiro's annotation-based method authorization support, to enforce
security checks on remotely invoked services. The problem is that when we get
an AuthorizationException, it doesn't include any information about which
particular method failed. Looks like it would be really easy to include this
in AuthorizingAnnotationMethodInterceptor.assertAuthorized() as follows:
public void assertAuthorized(MethodInvocation method) throws
AuthorizationException {
try {
((AuthorizingAnnotationHandler)getHandler()).assertAuthorized(getAnnotation(mi));
}
catch(AuthorizationException ae) {
throw new AuthorizationException("method not authorized: " +
method.getMethod(), ae);
}
}
--
This message is automatically generated by JIRA.
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
