You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@struts.apache.org by ge...@apache.org on 2006/12/01 01:16:43 UTC

svn commit: r481115 - /struts/struts1/trunk/core/src/main/java/org/apache/struts/chain/commands/AbstractAuthorizeAction.java

Author: germuska
Date: Thu Nov 30 16:16:41 2006
New Revision: 481115

URL: http://svn.apache.org/viewvc?view=rev&rev=481115
Log:
Rethrown UnauthorizedActionException rather than dropping it and throwing a new one (STR-2981)

Modified:
    struts/struts1/trunk/core/src/main/java/org/apache/struts/chain/commands/AbstractAuthorizeAction.java

Modified: struts/struts1/trunk/core/src/main/java/org/apache/struts/chain/commands/AbstractAuthorizeAction.java
URL: http://svn.apache.org/viewvc/struts/struts1/trunk/core/src/main/java/org/apache/struts/chain/commands/AbstractAuthorizeAction.java?view=diff&rev=481115&r1=481114&r2=481115
==============================================================================
--- struts/struts1/trunk/core/src/main/java/org/apache/struts/chain/commands/AbstractAuthorizeAction.java (original)
+++ struts/struts1/trunk/core/src/main/java/org/apache/struts/chain/commands/AbstractAuthorizeAction.java Thu Nov 30 16:16:41 2006
@@ -52,7 +52,8 @@
      * @param actionCtx The <code>Context</code> for the current request
      * @return <code>false</code> if the user is authorized for the selected
      *         action, else <code>true</code> to abort processing.
-     * @throws Exception if authorization fails
+     * @throws UnauthorizedActionException if authorization fails 
+     * or if an error is encountered in the course of performing the authorization.
      */
     public boolean execute(ActionContext actionCtx)
         throws Exception {
@@ -70,6 +71,8 @@
             throwEx =
                 !(isAuthorized(actionCtx, actionConfig.getRoleNames(),
                     actionConfig));
+        } catch (UnauthorizedActionException ex) {
+        	throw ex;
         } catch (Exception ex) {
             throwEx = true;
             LOG.error("Unable to complete authorization process", ex);
@@ -109,6 +112,8 @@
      * @param actionConfig The current action mapping
      * @return <code>true</code> if the request is authorized, else
      *         <code>false</code>
+     * @throws UnauthorizedActionException If the logic determines that the request is not authorized 
+     * but does not wish to rely upon the default mechanism reporting the error.
      * @throws Exception If the action cannot be tested for authorization
      */
     protected abstract boolean isAuthorized(ActionContext context,