[
https://issues.apache.org/jira/browse/SHIRO-243?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Kalle Korhonen reopened SHIRO-243:
----------------------------------
Re-evaluating the suggested solution, wrapping breaks unit tests in aspectj. I
was thinking exactly that it's not necessarily a good practice to hide the
actual root cause but didn't run tests elsewhere than core itself. Reverting
for now, it's possible I'll just fix the unit tests.
> when method is unauthorized, please include method info in stack trace
> ----------------------------------------------------------------------
>
> Key: SHIRO-243
> URL: https://issues.apache.org/jira/browse/SHIRO-243
> Project: Shiro
> Issue Type: Improvement
> Reporter: Jim Newsham
> Assignee: Kalle Korhonen
> Priority: Minor
> Fix For: 1.2.0
>
>
> We are using Shiro's annotation-based method authorization support, to
> enforce security checks on remotely invoked services. The problem is that
> when we get an AuthorizationException, it doesn't include any information
> about which particular method failed. Looks like it would be really easy to
> include this in AuthorizingAnnotationMethodInterceptor.assertAuthorized() as
> follows:
> public void assertAuthorized(MethodInvocation method) throws
> AuthorizationException {
> try {
>
> ((AuthorizingAnnotationHandler)getHandler()).assertAuthorized(getAnnotation(mi));
> }
> catch(AuthorizationException ae) {
> throw new AuthorizationException("method not authorized: " +
> method.getMethod(), ae);
> }
> }
--
This message is automatically generated by JIRA.
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
