Return-Path: X-Original-To: apmail-shiro-dev-archive@www.apache.org Delivered-To: apmail-shiro-dev-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 5EBB29A8F for ; Tue, 24 Jan 2012 01:12:46 +0000 (UTC) Received: (qmail 20401 invoked by uid 500); 24 Jan 2012 01:12:46 -0000 Delivered-To: apmail-shiro-dev-archive@shiro.apache.org Received: (qmail 20373 invoked by uid 500); 24 Jan 2012 01:12:46 -0000 Mailing-List: contact dev-help@shiro.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@shiro.apache.org Delivered-To: mailing list dev@shiro.apache.org Received: (qmail 20357 invoked by uid 99); 24 Jan 2012 01:12:45 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 24 Jan 2012 01:12:45 +0000 X-ASF-Spam-Status: No, hits=-2000.0 required=5.0 tests=ALL_TRUSTED,T_RP_MATCHES_RCVD X-Spam-Check-By: apache.org Received: from [140.211.11.116] (HELO hel.zones.apache.org) (140.211.11.116) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 24 Jan 2012 01:12:45 +0000 Received: from hel.zones.apache.org (hel.zones.apache.org [140.211.11.116]) by hel.zones.apache.org (Postfix) with ESMTP id A225915E8D2 for ; Tue, 24 Jan 2012 01:11:48 +0000 (UTC) Date: Tue, 24 Jan 2012 01:11:48 +0000 (UTC) From: "Les Hazlewood (Closed) (JIRA)" To: dev@shiro.apache.org Message-ID: <1867074141.69660.1327367508665.JavaMail.tomcat@hel.zones.apache.org> In-Reply-To: <1610782085.4091.1297214517572.JavaMail.tomcat@hel.zones.apache.org> Subject: [jira] [Closed] (SHIRO-243) when method is unauthorized, please include method info in stack trace MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 [ https://issues.apache.org/jira/browse/SHIRO-243?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Les Hazlewood closed SHIRO-243. ------------------------------- Closing with the 1.2.0 release. > when method is unauthorized, please include method info in stack trace > ---------------------------------------------------------------------- > > Key: SHIRO-243 > URL: https://issues.apache.org/jira/browse/SHIRO-243 > Project: Shiro > Issue Type: Improvement > Reporter: Jim Newsham > Assignee: Kalle Korhonen > Priority: Minor > Fix For: 1.2.0 > > > We are using Shiro's annotation-based method authorization support, to enforce security checks on remotely invoked services. The problem is that when we get an AuthorizationException, it doesn't include any information about which particular method failed. Looks like it would be really easy to include this in AuthorizingAnnotationMethodInterceptor.assertAuthorized() as follows: > public void assertAuthorized(MethodInvocation method) throws AuthorizationException { > try { > ((AuthorizingAnnotationHandler)getHandler()).assertAuthorized(getAnnotation(mi)); > } > catch(AuthorizationException ae) { > throw new AuthorizationException("method not authorized: " + method.getMethod(), ae); > } > } -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa For more information on JIRA, see: http://www.atlassian.com/software/jira