[
https://issues.apache.org/jira/browse/SHIRO-243?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Kalle Korhonen resolved SHIRO-243.
----------------------------------
Resolution: Fixed
Fix Version/s: 1.2.0
> when method is unauthorized, please include method info in stack trace
> ----------------------------------------------------------------------
>
> Key: SHIRO-243
> URL: https://issues.apache.org/jira/browse/SHIRO-243
> Project: Shiro
> Issue Type: Improvement
> Reporter: Jim Newsham
> Assignee: Kalle Korhonen
> Priority: Minor
> Fix For: 1.2.0
>
>
> We are using Shiro's annotation-based method authorization support, to
> enforce security checks on remotely invoked services. The problem is that
> when we get an AuthorizationException, it doesn't include any information
> about which particular method failed. Looks like it would be really easy to
> include this in AuthorizingAnnotationMethodInterceptor.assertAuthorized() as
> follows:
> public void assertAuthorized(MethodInvocation method) throws
> AuthorizationException {
> try {
>
> ((AuthorizingAnnotationHandler)getHandler()).assertAuthorized(getAnnotation(mi));
> }
> catch(AuthorizationException ae) {
> throw new AuthorizationException("method not authorized: " +
> method.getMethod(), ae);
> }
> }
--
This message is automatically generated by JIRA.
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
