Loading...

XML

Word

Printable

Type: Bug
Resolution: Done
Priority: Major
Fix Version/s: 3.1.1.Final, 3.0.21.Final
Affects Version/s: 3.0.16.Final
Component/s: jaxrs
Labels:
None

Git Pull Request:
https://github.com/resteasy/Resteasy/pull/1042, https://github.com/resteasy/Resteasy/pull/1043

~~RESTEASY-1249~~ introduced default message for 403 errors generated by RoleBasedSecurityFilter. However, this default message cannot be overridden by an ExceptionMapper, because an ExceptionMapper is not executed on exceptions that already have an entity. This makes it impossible to customize the response body (or headers) for those errors, and is essentially a regression.

Workaround: ContainerResponseFilter can still be used to customize response, but it would have to filter all responses by status and at that point exception info is already partially lost.

is caused by

RESTEASY-1249 If RoleBased authorization fails the response returned doesn't contain a body text

Closed

is cloned by

JBEAP-7984 RoleBasedSecurityFilter doesn't allow customizing response

Verified

is related to

RESTEASY-1067 Throwing WebApplicationException standard subclasses doesn't produce correct error message

Closed

RESTEASY-1252 Resteasy logs Error stacktrace after every unauthorized request

Closed

relates to

RESTEASY-1563 RoleBasedSecurityFilter doesn't alter the Content-Type header

Resolved

Assignee:: Katerina Odabasi (Inactive)

Reporter:: Anton Koščejev (Inactive)

Votes:: 0 Vote for this issue

Watchers:: 6 Start watching this issue

Created:: 2016/04/11 10:54 AM

Updated:: 2021/10/24 6:58 AM

Resolved:: 2017/01/26 11:27 AM

Details

Description

Attachments

Issue Links

Activity

People

Dates