[ https://issues.apache.org/jira/browse/SHIRO-243?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12992287#comment-12992287 ]
Les Hazlewood commented on SHIRO-243: ------------------------------------- Good idea Jim - thanks for the issue. > when method is unauthorized, please include method info in stack trace > ---------------------------------------------------------------------- > > Key: SHIRO-243 > URL: https://issues.apache.org/jira/browse/SHIRO-243 > Project: Shiro > Issue Type: Improvement > Reporter: Jim Newsham > Priority: Minor > > We are using Shiro's annotation-based method authorization support, to > enforce security checks on remotely invoked services. The problem is that > when we get an AuthorizationException, it doesn't include any information > about which particular method failed. Looks like it would be really easy to > include this in AuthorizingAnnotationMethodInterceptor.assertAuthorized() as > follows: > public void assertAuthorized(MethodInvocation method) throws > AuthorizationException { > try { > > ((AuthorizingAnnotationHandler)getHandler()).assertAuthorized(getAnnotation(mi)); > } > catch(AuthorizationException ae) { > throw new AuthorizationException("method not authorized: " + > method.getMethod(), ae); > } > } -- This message is automatically generated by JIRA. - For more information on JIRA, see: http://www.atlassian.com/software/jira