Actually, I misread your post slightly. We don't throw exceptions in doGetAuthorization method just doGetAuthentication method.
The former just needs to fill out permissions and roles and should not throw exceptions. If something goes wrong it should just return with the empty permissions and roles list. > On Mar 14, 2016, at 3:53 PM, jonathan.labin <[email protected]> wrote: > > Hmm. Well that is welcome confirmation. > > I have an unauthorizedUrl value set for the URL filters (roles, perms, and > casRoles). > But I can understand that none of these filters are even processing yet when > an exception is thrown by the realm during doGetAuthorizationInfo. > > Is there an additional object onto which you are setting a unauthorizedUrl > value? > > > > -- > View this message in context: > http://shiro-user.582556.n2.nabble.com/Realm-Exception-Handling-tp7580979p7580985.html > Sent from the Shiro User mailing list archive at Nabble.com. >
