remoting with security

knaas May 1, 2007 12:03 PM

I am attempting to secure our @WebRemote methods and I'm having a bit of trouble.

I have a SB with two @WebRemote methods. I then put a @Restrict on the SB implementation class. When a call is made to one of the methods from the javascript, it does correctly validate that the restrictions are met. However, the response from the server is a 200 status with an empty responseText. Thus, I cannot automatically redirect the user to a login page (like Ajax4jsf does).

Note that the server prints out the NotLoggedInException (and AuthorizationException) in the logs.

Is there a way to hook up the ExceptionFilter to the Seam Remoting requests?

Thanks!

1. Re: remoting with security

knaas May 1, 2007 1:03 PM (in response to knaas)

Maybe the solution is to change the Remoting class so that it throws rather than swallows all Exceptions. In theory, wouldn't the exception bubble up through the ServletRequest all the way to the ExceptionFilter?
Actions
2. Re: remoting with security

shane.bryzak May 1, 2007 8:01 PM (in response to knaas)

Can you please raise this in JIRA?
Actions
3. Re: remoting with security

knaas May 2, 2007 9:37 AM (in response to knaas)

Done!

http://jira.jboss.com/jira/browse/JBSEAM-1279
Actions

Go to original post