You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@struts.apache.org by "Torsten Krah (JIRA)" <ji...@apache.org> on 2008/08/15 13:06:25 UTC
[jira] Created: (WW-2769) Default RolesInterceptor not well suited
@portlet environment, sending 403 is forbidden in portlets
Default RolesInterceptor not well suited @portlet environment, sending 403 is forbidden in portlets
---------------------------------------------------------------------------------------------------
Key: WW-2769
URL: https://issues.apache.org/struts/browse/WW-2769
Project: Struts 2
Issue Type: Bug
Components: Core Interceptors
Affects Versions: 2.0.11.2
Environment: Linux 2.6.x, Pluto 1.1.6 & Tomcat 6.0.18
Reporter: Torsten Krah
The default RolesInterceptor does handle a forbidden request in the handleRejection method with a 403 Error.
However, sending a 403 directly to the request back to the user is forbidden in a portlet.
The default RolesInterceptor implementation does not handle this very well.
A workaround is to override the handleRejection method of the RolesInterceptor (and using this one instead of the default) which does throw a custom exception, which is handled by a global-exception definition which sent the user to a custom error page displaying a forbidden message.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (WW-2769) Default RolesInterceptor not well suited
@portlet environment, sending 403 is forbidden in portlets
Posted by "James Holmes (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/struts/browse/WW-2769?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
James Holmes updated WW-2769:
-----------------------------
Assigning this to future until the dependent XWork enhancement is made.
> Default RolesInterceptor not well suited @portlet environment, sending 403 is forbidden in portlets
> ---------------------------------------------------------------------------------------------------
>
> Key: WW-2769
> URL: https://issues.apache.org/struts/browse/WW-2769
> Project: Struts 2
> Issue Type: Bug
> Components: Core Interceptors
> Affects Versions: 2.0.11.2
> Environment: Linux 2.6.x, Pluto 1.1.6 & Tomcat 6.0.18
> Reporter: Torsten Krah
>
> The default RolesInterceptor does handle a forbidden request in the handleRejection method with a 403 Error.
> However, sending a 403 directly to the request back to the user is forbidden in a portlet.
> The default RolesInterceptor implementation does not handle this very well.
> A workaround is to override the handleRejection method of the RolesInterceptor (and using this one instead of the default) which does throw a custom exception, which is handled by a global-exception definition which sent the user to a custom error page displaying a forbidden message.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (WW-2769) Default RolesInterceptor not well suited
@portlet environment, sending 403 is forbidden in portlets
Posted by "James Holmes (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/struts/browse/WW-2769?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
James Holmes updated WW-2769:
-----------------------------
Fix Version/s: Future
> Default RolesInterceptor not well suited @portlet environment, sending 403 is forbidden in portlets
> ---------------------------------------------------------------------------------------------------
>
> Key: WW-2769
> URL: https://issues.apache.org/struts/browse/WW-2769
> Project: Struts 2
> Issue Type: Bug
> Components: Core Interceptors
> Affects Versions: 2.0.11.2
> Environment: Linux 2.6.x, Pluto 1.1.6 & Tomcat 6.0.18
> Reporter: Torsten Krah
> Fix For: Future
>
>
> The default RolesInterceptor does handle a forbidden request in the handleRejection method with a 403 Error.
> However, sending a 403 directly to the request back to the user is forbidden in a portlet.
> The default RolesInterceptor implementation does not handle this very well.
> A workaround is to override the handleRejection method of the RolesInterceptor (and using this one instead of the default) which does throw a custom exception, which is handled by a global-exception definition which sent the user to a custom error page displaying a forbidden message.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (WW-2769) Default RolesInterceptor not well suited
@portlet environment, sending 403 is forbidden in portlets
Posted by "Nils-Helge Garli (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/struts/browse/WW-2769?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Nils-Helge Garli updated WW-2769:
---------------------------------
Component/s: Plugin - Portlet
> Default RolesInterceptor not well suited @portlet environment, sending 403 is forbidden in portlets
> ---------------------------------------------------------------------------------------------------
>
> Key: WW-2769
> URL: https://issues.apache.org/struts/browse/WW-2769
> Project: Struts 2
> Issue Type: Bug
> Components: Core Interceptors, Plugin - Portlet
> Affects Versions: 2.0.11.2
> Environment: Linux 2.6.x, Pluto 1.1.6 & Tomcat 6.0.18
> Reporter: Torsten Krah
> Fix For: Future
>
>
> The default RolesInterceptor does handle a forbidden request in the handleRejection method with a 403 Error.
> However, sending a 403 directly to the request back to the user is forbidden in a portlet.
> The default RolesInterceptor implementation does not handle this very well.
> A workaround is to override the handleRejection method of the RolesInterceptor (and using this one instead of the default) which does throw a custom exception, which is handled by a global-exception definition which sent the user to a custom error page displaying a forbidden message.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (WW-2769) Default RolesInterceptor not well
suited @portlet environment, sending 403 is forbidden in portlets
Posted by "Nils-Helge Garli (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/struts/browse/WW-2769?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=45043#action_45043 ]
Nils-Helge Garli commented on WW-2769:
--------------------------------------
Waiting for http://jira.opensymphony.com/browse/XW-554 so we don't have to duplicate all the interceptor configuration.
> Default RolesInterceptor not well suited @portlet environment, sending 403 is forbidden in portlets
> ---------------------------------------------------------------------------------------------------
>
> Key: WW-2769
> URL: https://issues.apache.org/struts/browse/WW-2769
> Project: Struts 2
> Issue Type: Bug
> Components: Core Interceptors
> Affects Versions: 2.0.11.2
> Environment: Linux 2.6.x, Pluto 1.1.6 & Tomcat 6.0.18
> Reporter: Torsten Krah
>
> The default RolesInterceptor does handle a forbidden request in the handleRejection method with a 403 Error.
> However, sending a 403 directly to the request back to the user is forbidden in a portlet.
> The default RolesInterceptor implementation does not handle this very well.
> A workaround is to override the handleRejection method of the RolesInterceptor (and using this one instead of the default) which does throw a custom exception, which is handled by a global-exception definition which sent the user to a custom error page displaying a forbidden message.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.