You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@struts.apache.org by ge...@apache.org on 2006/12/01 01:16:43 UTC
svn commit: r481115 -
/struts/struts1/trunk/core/src/main/java/org/apache/struts/chain/commands/AbstractAuthorizeAction.java
Author: germuska
Date: Thu Nov 30 16:16:41 2006
New Revision: 481115
URL: http://svn.apache.org/viewvc?view=rev&rev=481115
Log:
Rethrown UnauthorizedActionException rather than dropping it and throwing a new one (STR-2981)
Modified:
struts/struts1/trunk/core/src/main/java/org/apache/struts/chain/commands/AbstractAuthorizeAction.java
Modified: struts/struts1/trunk/core/src/main/java/org/apache/struts/chain/commands/AbstractAuthorizeAction.java
URL: http://svn.apache.org/viewvc/struts/struts1/trunk/core/src/main/java/org/apache/struts/chain/commands/AbstractAuthorizeAction.java?view=diff&rev=481115&r1=481114&r2=481115
==============================================================================
--- struts/struts1/trunk/core/src/main/java/org/apache/struts/chain/commands/AbstractAuthorizeAction.java (original)
+++ struts/struts1/trunk/core/src/main/java/org/apache/struts/chain/commands/AbstractAuthorizeAction.java Thu Nov 30 16:16:41 2006
@@ -52,7 +52,8 @@
* @param actionCtx The <code>Context</code> for the current request
* @return <code>false</code> if the user is authorized for the selected
* action, else <code>true</code> to abort processing.
- * @throws Exception if authorization fails
+ * @throws UnauthorizedActionException if authorization fails
+ * or if an error is encountered in the course of performing the authorization.
*/
public boolean execute(ActionContext actionCtx)
throws Exception {
@@ -70,6 +71,8 @@
throwEx =
!(isAuthorized(actionCtx, actionConfig.getRoleNames(),
actionConfig));
+ } catch (UnauthorizedActionException ex) {
+ throw ex;
} catch (Exception ex) {
throwEx = true;
LOG.error("Unable to complete authorization process", ex);
@@ -109,6 +112,8 @@
* @param actionConfig The current action mapping
* @return <code>true</code> if the request is authorized, else
* <code>false</code>
+ * @throws UnauthorizedActionException If the logic determines that the request is not authorized
+ * but does not wish to rely upon the default mechanism reporting the error.
* @throws Exception If the action cannot be tested for authorization
*/
protected abstract boolean isAuthorized(ActionContext context,