Configuration: JBoss 4.0.4GA, Seam 1.0.1, MyFaces 1.1.3 with Facelets. The app itself is working fine.
I added an @RolesAllowed annotation to a stateless session bean and tried clicking the button that invokes that action (using a user who doesn't have that Role). As expected, it throws "SecurityException", which is caught by org.jboss.ejb3.security.RoleBasedAuthorizationInterceptor and wrapped with "EJBAccessException". I created my own interceptor to try to catch this exception and return a JSF page name to tell the user that they don't have permission. Sadly, even when I catch throwable in my interceptor, the exception seems to go straight by and ends up kicking out a "javax.faces.el.EvaluationException" from MyFaces. Some extra information: 1. I tried single stepping in the debugger, and saw my interceptor invoked. When I executed "invocation.proceed()", it never reached my "catch" clause. 2. I tried putting my interceptor before the SeamInterceptor and also after it (last in the list), with no effect. Let me know if I should attach some code. The simple question I have (I'm a novice with many things, including JAAS configuration) is, how do I configure the desitation page for this type of permission problem, or how do I catch the exception before it reaches JSF? View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3979756#3979756 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3979756 _______________________________________________ jboss-user mailing list [email protected] https://lists.jboss.org/mailman/listinfo/jboss-user
