4 Replies Latest reply on Feb 7, 2012 11:53 PM by shenlanemo

    ExceptionHandler can't catch AuthorizationException

    shenlanemo

      follow seam3.1 official examples,i use a ExceptionHandler to handle AuthorizationExceptions.

       

      this is the ExceptionHandler class code:

      --------------------

      package exception;

      ...

      @HandlesExceptions

      public class ExceptionHandler {

             public void handleAuthorizationException(@Handles CaughtException<AuthorizationException> evt,Logger log) {

                 log.info("You do not have the necessary permissions to perform that operation");

                 evt.handled();     

             }

      }

      --------------------

      if ExceptionHandler catch the exception,the jboss will print the message in the console.the message no doubt is "You do not have the necessary permissions to perform that operation".but the result is'nt expected.

       

      Actually,the console print the real exception message as follows:

      --------------------

      17:01:24,187 ERROR [org.jboss.seam.remoting.ExecutionHandler] (http--127.0.0.1-8080-1) Error while executing call: org.jboss.seam.security.AuthorizationException: Authorization check failed

          at org.jboss.seam.security.SecurityExtension$Authorizer.authorize(SecurityExtension.java:77) [seam-security-3.1.0.Final.jar:]

          at org.jboss.seam.security.SecurityInterceptor.aroundInvoke(SecurityInterceptor.java:31) [seam-security-3.1.0.Final.jar:]

          at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [:1.6.0_30]

          at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) [:1.6.0_30]

          at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) [:1.6.0_30]

          at java.lang.reflect.Method.invoke(Unknown Source) [:1.6.0_30]

          at org.jboss.interceptor.proxy.InterceptorInvocation$InterceptorMethodInvocation.invoke(InterceptorInvocation.java:72) [jboss-interceptor-core-2.0.0.Alpha3.jar:2.0.0.Alpha3]

          at org.jboss.interceptor.proxy.SimpleInterceptionChain.invokeNextInterceptor(SimpleInterceptionChain.java:82) [jboss-interceptor-core-2.0.0.Alpha3.jar:2.0.0.Alpha3]

          at org.jboss.interceptor.proxy.InterceptorMethodHandler.executeInterception(InterceptorMethodHandler.java:133) [jboss-interceptor-core-2.0.0.Alpha3.jar:2.0.0.Alpha3]

          at org.jboss.interceptor.proxy.InterceptorMethodHandler.invoke(InterceptorMethodHandler.java:112) [jboss-interceptor-core-2.0.0.Alpha3.jar:2.0.0.Alpha3]

          at org.jboss.weld.bean.proxy.CombinedInterceptorAndDecoratorStackMethodHandler.invoke(CombinedInterceptorAndDecoratorStackMethodHandler.java:65) [weld-core-1.1.2.Final.jar:2011-07-26 15:02]

          at org.jboss.weld.proxies.1105501934$Proxy$_$$_WeldSubclass.getUserWithAuthenticate(1105501934$Proxy$_$$_WeldSubclass.java) [classes:]

          at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [:1.6.0_30]

          at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) [:1.6.0_30]

          at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) [:1.6.0_30]

          at java.lang.reflect.Method.invoke(Unknown Source) [:1.6.0_30]

          at org.jboss.seam.remoting.Call.execute(Call.java:170) [seam-remoting-3.1.0.Final.jar:]

          at org.jboss.seam.remoting.ExecutionHandler.handle(ExecutionHandler.java:72) [seam-remoting-3.1.0.Final.jar:]

          at org.jboss.seam.remoting.Remoting.service(Remoting.java:251) [seam-remoting-3.1.0.Final.jar:]

          at javax.servlet.http.HttpServlet.service(HttpServlet.java:847) [jboss-servlet-api_3.0_spec-1.0.0.Final.jar:1.0.0.Final]

          at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:329) [jbossweb-7.0.1.Final.jar:7.0.2.Final]

          at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:248) [jbossweb-7.0.1.Final.jar:7.0.2.Final]

          at org.jboss.weld.servlet.ConversationPropagationFilter.doFilter(ConversationPropagationFilter.java:67) [weld-core-1.1.2.Final.jar:2011-07-26 15:02]

          at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:280) [jbossweb-7.0.1.Final.jar:7.0.2.Final]

          at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:248) [jbossweb-7.0.1.Final.jar:7.0.2.Final]

          at org.jboss.solder.servlet.exception.CatchExceptionFilter.doFilter(CatchExceptionFilter.java:65) [solder-impl-3.1.0.Final.jar:]

          at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:280) [jbossweb-7.0.1.Final.jar:7.0.2.Final]

          at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:248) [jbossweb-7.0.1.Final.jar:7.0.2.Final]

          at org.jboss.solder.servlet.event.ServletEventBridgeFilter.doFilter(ServletEventBridgeFilter.java:74) [solder-impl-3.1.0.Final.jar:]

          at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:280) [jbossweb-7.0.1.Final.jar:7.0.2.Final]

          at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:248) [jbossweb-7.0.1.Final.jar:7.0.2.Final]

          at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:275) [jbossweb-7.0.1.Final.jar:7.0.2.Final]

          at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:161) [jbossweb-7.0.1.Final.jar:7.0.2.Final]

          at org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:139) [jboss-as-web-7.0.2.Final.jar:7.0.2.Final]

          at org.jboss.as.web.NamingValve.invoke(NamingValve.java:57) [jboss-as-web-7.0.2.Final.jar:7.0.2.Final]

          at org.jboss.as.jpa.interceptor.WebNonTxEmCloserValve.invoke(WebNonTxEmCloserValve.java:49) [jboss-as-jpa-7.0.2.Final.jar:7.0.2.Final]

          at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:154) [jbossweb-7.0.1.Final.jar:7.0.2.Final]

          at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) [jbossweb-7.0.1.Final.jar:7.0.2.Final]

          at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) [jbossweb-7.0.1.Final.jar:7.0.2.Final]

          at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:362) [jbossweb-7.0.1.Final.jar:7.0.2.Final]

          at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:877) [jbossweb-7.0.1.Final.jar:7.0.2.Final]

          at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:667) [jbossweb-7.0.1.Final.jar:7.0.2.Final]

          at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:952) [jbossweb-7.0.1.Final.jar:7.0.2.Final]

          at java.lang.Thread.run(Unknown Source) [:1.6.0_30]

      --------------------

       

      and message print in web browser is:

      (i use seam-remoting instead of JSF)

      -------------------

      An exception has occurred while executing a remote request: org.jboss.seam.security.AuthorizationException:Authorization check failed

      -------------------

       

       

      so,how to let seam-remoting show message("You do not have the necessary permissions to perform that operation") when Authorization exception ocurred???

       

      thanks.

        • 1. Re: ExceptionHandler can't catch AuthorizationException
          lightguard

          Looks like there's either

           

          • No catch integration in Seam Rest (which I don't think is the case)
          • or it's explicitly passing it through. 

           

          Try putting it in a try / catch block and see if you can manually pass it to catch.

          • 2. Re: ExceptionHandler can't catch AuthorizationException
            shenlanemo

            Jason Porter 编写:

             

            Looks like there's either

             

            • No catch integration in Seam Rest (which I don't think is the case)
            • or it's explicitly passing it through. 

             

            Try putting it in a try / catch block and see if you can manually pass it to catch.

            Jason : i guess seam-remoting don't support ExceptionHandler at all.

             

            i test the ExceptionHandler in another JSF manner,the ExceptionHandler works well.i'm sure put the seam-rest dependency to the pom.xml.

             

            i make a very very simple ExceptionHandler Class as follows.

            ---------------------------

            class ExceptionHandler:

            ...

            @HandlesExceptions

            public class ExceptionHandler {

                public void handleException(@Handles CaughtException<Throwable> evt,Logger log) {

                    System.out.println("+ if ExceptionHandler receive the exception +");

                    evt.handled();

                }

            }

            ---------------------------

             

            and i make a action to test if ExceptionHandler works in a WebRemote call.

            ---------------------------

            ...

            @Named("Test")

            public class Test {

                @WebRemote

                public void test(){

                    try{

             

                        System.out.println("+ make a manually exception test +");

             

                        throw new Exception("- manually throw a test exception -");

             

                    }catch(Exception e){

             

                        System.out.println("+ if catch this test exception +");

             

                    }finally{

             

                        System.out.println("+ end. +");

             

                    }

                }

            }

            --------------------------

             

            and i call it by a javascript code:Seam.createBean("Test", "Formal").test(callback); and the

            console print the message:

            ----------

            19:27:59,000 INFO  [stdout] (http--127.0.0.1-8080-1) + make a manually exception test +

            19:27:59,000 INFO  [stdout] (http--127.0.0.1-8080-1) + if catch this test exception +

            19:27:59,000 INFO  [stdout] (http--127.0.0.1-8080-1) + end. +

            ----------

            it shows that ExceptionHandler do not receive the exception.

             

            next,i cut the try catch block:

            ----------

            @Named("Test")

            public class Test {

                @WebRemote

                public void test() throws Exception{

                    throw new Exception("- manually throw a test exception -");

                }

            }

            ----------

             

            the console print the message:

            -----------------------------------

            19:39:26,109 ERROR [org.jboss.seam.remoting.ExecutionHandler] (http--127.0.0.1-8080-1) Error

             

            while executing call: java.lang.Exception: - manually throw a test exception -

             

                at Test.test(Test.java:10)    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

             

            [:1.6.0_30]

             

            ...... 

            it show that ExceptionHandler still recieve nothing.

            ------------------------------------

             

            it seems that ExceptionHandler can't find the any exception occured in a @WebRemote method.

             

            if this is a bug or need some trick to fix it ???

            • 3. Re: ExceptionHandler can't catch AuthorizationException
              lightguard

              I'm sorry, I misunderstood. I do not believe that Seam Remoting has Catch integration. You'll have to handle the exceptions yourself with try / catch blocks. You can still use Catch though by firing the appropriate event as per the documentation.

              • 4. Re: ExceptionHandler can't catch AuthorizationException
                shenlanemo

                Jason : thanks for your reply,i won't waste time on a rong way in my mind.