Hi all! I have a strange problem and maybe one of you can give me a hint...
Basically I have a table and each individual <tr> forms it's own zone and can be replaced independently from each other by an eventlink (works perfectly). Next I added @RequiresPermissions("MyPermission:modify") on the event-callback method to limit access. In case an user does not have the required permissions Shiro correctly identfies it and throws an OperationException("Subject does not have permission"), perfect too. Unfortunately there is no redirect to the "Unauthorized" page but instead the page is rendered in the "ajax dialog box" (which tapestry shows in case of problems/errors).
From the stacktrace I see "SecurityExceptionHandlerAssistant.handleRequestException" is called to retrieve the page name to show ("Unauthorized"). Unfortunately there is no redirect to the page but instead "renderer.renderPageResponse(page)" is called and surprisingly "onActivate" of my "Unauthorized" page is not called at all.
Any idea what happens and how to solve it? Jens --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org For additional commands, e-mail: users-h...@tapestry.apache.org
