[Stripes-users] Stripes Security AutoExceptionHandler

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

Nic,

I have implemented my AutoExceptionHandler and it seems that the ActionBean is
ALWAYS null and the code always just goes to my Unauthorized.jsp since the bean
== null.  I have  included my code of my AutoexceptionHandler, maybe it has to
do with the LifecycleStage of your interceptor?

public class SecurityExceptionHandler implements AutoExceptionHandler {
   /**
    * Logger for this class
    */
   private static final Log LOG =
LogFactory.getLog(SecurityExceptionHandler.class);
   private static final String UNAUTHORIZED_MESSAGE = "ACCESS DENIED.  You are
not authorized to access this area.";
   private static final String UNAUTHORIZED_PAGE = "/jsp/Unauthorized.jsp";

   public Resolution handle(StripesAuthorizationException e, HttpServletRequest
request, HttpServletResponse response) {
      LOG.warn("Authorization exception caught and user being informed.");
      java.util.Enumeration db = request.getAttributeNames();
      while (db.hasMoreElements()) {
         String foo = (String)db.nextElement();
         LOG.debug("***" + foo + " : " + request.getAttribute(foo) + "***");
      }
      final ActionBean bean = (ActionBean)
request.getAttribute(StripesConstants.REQ_ATTR_ACTION_BEAN);

      if (bean == null) {
         return new RedirectResolution(UNAUTHORIZED_PAGE);
      } else {
         final ActionBeanContext context = bean.getContext();
         context.getValidationErrors().addGlobalError(new
SimpleError(UNAUTHORIZED_MESSAGE));
         return context.getSourcePageResolution();
      }
   }

}