I need a little help understanding how to intercept Exceptions thrown when a
@Requires* annotation fails on a given business method. Jared made the
suggestion of adding a filter that catches the Exception and does the
redirect. I implemented it like so (using Guice).
In subclassed ServletModule:
@Override
protected void configureServlets() {
filter( "/*" ).through( AuthorizationFailureFilter.class );
filter( "/*" ).through( GuiceShiroFilter.class );
...
}
In new auth filter (AuthorizationFailureFilter):
@Override
public void doFilter( ServletRequest request, ServletResponse response,
FilterChain chain ) throws IOException, ServletException {
try {
chain.doFilter( request, response );
} catch ( ServletException e ) {
if ( e.getCause() instanceof UnauthenticatedException ) {
// what to do here? redirect to login.jsp?
} else {
throw e;
}
}
}
The problem I'm running into here is I get none of the automatic redirection
provided by the FormAuthenticationFilter. I'd like my program to function
exactly as if I'd secured the URL with a path-based filter instead of an
annotation. I.e., redirect to the login page, and after authentication,
redirect back to the SavedRequest.
Any suggestions on this?
--
View this message in context:
http://shiro-user.582556.n2.nabble.com/Handling-exceptions-thrown-by-Requires-annotations-tp6673997p6673997.html
Sent from the Shiro User mailing list archive at Nabble.com.
