3 Replies Latest reply on Nov 6, 2009 8:17 PM by joblini

    AuthorizationException = ERROR, why?

      When I supply my own permission handler to pages.xml <restrict> tag, I get an ERROR such as:


      org.jboss.seam.security.AuthorizationException: Authorization check failed for expression [#{esm.hasPrivilege('viewPersonalProfile')}]


      If the check fails, shouldn't it just fail gracefully?  I don't see why an application ERROR would be thrown for this, since it's quite possible (and expected) that a permission check will fail for obvious reasons.


      I read elsewhere that this might be fixed in Seam 2.1, but I'm running Seam 2.1.2 and this appears to still be an issue.


      Does anyone know how to workaround this exception or if there is a way to demote the severity of the exception?