Currently, the Remoting resource class swallows all exceptions. Because of this, it is not possible to gracefully handle security restrictions in WebRemote methods from the client.
- Simply bubble the Exception all the way up through the ResourceServlet. If the ResourceServlet throws the exception, the ExceptionFilter should pick up on it. The XHR would then receive the proper error code as defined in the pages.xml and could properly redirect the user to the correct login page.
- Have the ResourceServlet trap for NotLoggedInException's or NotAuthorizedException's and return the respective HTTP status code. The XHR would then receive the error code and be able to redirect the user to the correct login page.