[
https://issues.jboss.org/browse/SEAMFACES-126?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12592271#comment-12592271
]
Brian Leathem commented on SEAMFACES-126:
-----------------------------------------
No suitable java.*, javax.* exception seems to exist, so Faces should create
one. Possibly extending:
javax.security.auth.message.AuthException
http://download.oracle.com/javaee/6/api/javax/security/auth/message/AuthException.html
> Throw some kind of unauthorized exception when auth fails, rather than
> returning a 401 response
> -----------------------------------------------------------------------------------------------
>
> Key: SEAMFACES-126
> URL: https://issues.jboss.org/browse/SEAMFACES-126
> Project: Seam Faces
> Issue Type: Enhancement
> Components: Exception Handling, Security, View Configuration
> Reporter: Brian Leathem
> Fix For: 3.0.1
>
>
> If authorization fails, and the user is not logged in, Faces looks for a
> @LoginViewId to redirect to, and returns a 401 response if none is found. A
> similar story applies for the @AccessDeniedViewId
> It would be better to instead throw an exception, that Seam Catch can
> intercept. If not intercepted, this exception would eventually lead to a 401
> response.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
_______________________________________________
seam-issues mailing list
[email protected]
https://lists.jboss.org/mailman/listinfo/seam-issues
