Hi Its used by camel-shiro and camel-spring-security, where you can define a security policy in the DSL. There is a AuthorizationPolicy in the SPI package in camel-core.
I guess its intend is to be used when an user is denied an action, and Camel should not process the message, whether that deny was due authorization or authentication error. However as always maybe it needs to be better documented, or we need more fine grained exceptions? Any thoughts? On Fri, Dec 9, 2011 at 4:22 PM, Glen Mazza <[email protected]> wrote: > Hello, org.apache.camel.CamelAuthorizationException[1] was missing a JavaDoc > header comment, I added a generic but possibly inaccurate one in the latest > patch that Claus applied (it's viewable here[1] now). > > Question: What's the purpose of this exception--is it purely for (a) > *authorization* errors (person is Bob alright but he's not allowed to eat > any of the cookies) or for (b) *authentication* errors (no, that person > isn't even Bob) or (c) either? The present method implementations appear to > indicate it's for authentication and (possibly) not authorization issues. > > Thanks, > Glen > > [1] > http://svn.apache.org/viewvc/camel/trunk/camel-core/src/main/java/org/apache/camel/CamelAuthorizationException.java?view=markup > > -- > Glen Mazza > Talend Community Coders > http://coders.talend.com > blog: http://www.jroller.com/gmazza > -- Claus Ibsen ----------------- FuseSource Email: [email protected] Web: http://fusesource.com Twitter: davsclaus, fusenews Blog: http://davsclaus.blogspot.com/ Author of Camel in Action: http://www.manning.com/ibsen/
