Thread: Best way to display the cause of AccessDeniedException?

  1. #1
    Join Date
    Aug 2008
    Posts
    5

    Default Best way to display the cause of AccessDeniedException?

    [please replace (at) with the at sign i.e. shift-2 on your keyboard on the below, apparently I can't use shift-2 for my first 15 posts because it's a URL]

    Hi All,

    I'm wondering if there is a way to get the name of the method or some information about the call that generated the AccessDeniedException from an (at)Secured annotation.

    Ideally, I'd like to be able to display this info to the user something like this...
    Code:
    try {
        securedMethod1();
        securedMethod2();
        securedMethod3();
        securedMethod4();
        securedMethod5();
    } catch (AccessDeniedException ade) {
        System.out.println("Access was denied when attempting to call: " + ade.???);
    }
    where ??? is what I use to determine which object/method call triggered the AccessDeniedException

    -G

  2. #2
    Join Date
    Jun 2006
    Location
    The Netherlands
    Posts
    13,624

    Default

    From a security point of view you don't want to show that information to a user. With that information your user gains knowledge about the internals of your application; if there is one thing that you don't want your users to know, it is the internals of your application.
    Marten Deinum
    Java Consultant / Pragmatist / Open Source Enthousiast / Author


    Pro Spring MVC: With Web Flow
    Conspect

    Have you read the reference guide.
    Use the [ code ] tags, young padawan

  3. #3
    Luke Taylor, Senior Member, Acegi Security System Team, Spring Team
    Join Date
    Aug 2004
    Location
    Glasgow, Scotland
    Posts
    3,449

    Default

    The security interceptor will publish an AuthorizationFailureEvent here:

    http://static.springframework.org/sp...eptor.html#265

    If you subscribe to these, you can extract the relevant information. The secured object is a MethodInvocation instance, which will contain the Method object.

  4. #4
    Join Date
    Aug 2008
    Posts
    5

    Default

    @Marten,

    If I was working on a web app I'd be inclined to agree with you; however, in this case the app is Swing-based and supportability is as important as, or even more so than, security, so having something the user can screenshot that tells us exactly what happened will help a lot.

    @Luke

    Thanks, that looks like exactly what I'm looking for...
    Cheers

    -G
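
The approach from reply #3, as an added example that is not code from the thread or from the Spring Security project: a listener for AuthorizationFailureEvent that pulls the Method out of the MethodInvocation and keeps a description for the calling thread. The class name DeniedCallRecorder and the method consumeLastDenied() are hypothetical; the imports assume the Spring Security 3.x to 5.x package layout, and the thread-local hand-off assumes Spring's default synchronous event multicaster, so the listener runs on the calling thread before the exception reaches the catch block.

```java
import java.lang.reflect.Method;

import org.aopalliance.intercept.MethodInvocation;
import org.springframework.context.ApplicationListener;
import org.springframework.security.access.event.AuthorizationFailureEvent;
import org.springframework.security.core.Authentication;

/**
 * Added example (hypothetical class). Register it as a bean in the same
 * application context as the method security interceptor.
 */
public class DeniedCallRecorder implements ApplicationListener<AuthorizationFailureEvent> {

    // Description of the most recent denied call on the current thread.
    private static final ThreadLocal<String> LAST_DENIED = new ThreadLocal<String>();

    @Override
    public void onApplicationEvent(AuthorizationFailureEvent event) {
        Object secured = event.getSource();
        if (!(secured instanceof MethodInvocation)) {
            // Not a method call (for example a web request); record it as-is.
            LAST_DENIED.set(String.valueOf(secured));
            return;
        }
        Method method = ((MethodInvocation) secured).getMethod();
        Authentication auth = event.getAuthentication();
        String who = (auth != null) ? auth.getName() : "unknown";

        // Method arguments are deliberately left out so that parameter
        // values do not end up in a message shown on screen.
        LAST_DENIED.set(method.getDeclaringClass().getName() + "." + method.getName()
                + " (user=" + who + ", required=" + event.getConfigAttributes() + ")");
    }

    /** Returns the description for this thread and clears it, or null if none. */
    public static String consumeLastDenied() {
        String value = LAST_DENIED.get();
        LAST_DENIED.remove();
        return value;
    }
}
```

In the catch block from post #1, DeniedCallRecorder.consumeLastDenied() would take the place of ade.???. If events are dispatched asynchronously the thread-local is empty in the caller, and the listener should write to a log instead.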
