GRAILS-10291: "Method name must not be null" exception when using custom onUnauthorized method in grails-shiro plugin's ShiroSecurityFilters which calls filter.forward rather than filter.redirect #4512
Description
Original Reporter: mhurne
Environment: Not Specified
Version: 2.2.3
Migrated From: http://jira.grails.org/browse/GRAILS-10291
When using the {{grails-shiro}} plugin with a custom {{onUnauthorized}} method in {{grails-app/conf/ShiroSecurityFilters.groovy}} that calls {{filter.forward}}, {{ProxyAwareMixedGrailsControllerHelper}} throws an {{IllegalArgumentException}} with message "Method name must not be null" when a user attempts to visit a controller action/page they do not have permission to:
{noformat}
| Error 2013-07-26 18:47:58,651 [http-bio-8080-exec-5] ERROR errors.GrailsExceptionResolver - IllegalArgumentException occurred when processing request: [GET] /grails-shiro-forward-on-unauthorized/home/index
Method name must not be null. Stacktrace follows:
Message: Method name must not be null
Line | Method
->> 41 | retrieveAction in grails.plugin.cache.web.ProxyAwareMixedGrailsControllerHelper
| 195 | doFilter in grails.plugin.cache.web.filter.PageFragmentCachingFilter
| 63 | doFilter . . . . . in grails.plugin.cache.web.filter.AbstractFilter
| 20 | onUnauthorized in ShiroSecurityFilters
| 547 | accessControlMethod in ShiroGrailsPlugin
| 262 | doCall in ShiroGrailsPlugin$_closure3_closure26
| 14 | doCall . . . . . . in ShiroSecurityFilters$_closure1_closure2_closure3
| 195 | doFilter in grails.plugin.cache.web.filter.PageFragmentCachingFilter
| 63 | doFilter . . . . . in grails.plugin.cache.web.filter.AbstractFilter
| 55 | doFilter in org.apache.shiro.grails.SavedRequestFilter
| 449 | executeChain . . . in org.apache.shiro.web.servlet.AbstractShiroFilter
| 365 | call in org.apache.shiro.web.servlet.AbstractShiroFilter$1
| 90 | doCall . . . . . . in org.apache.shiro.subject.support.SubjectCallable
| 83 | call in ''
| 380 | execute . . . . . . in org.apache.shiro.subject.support.DelegatingSubject
| 362 | doFilterInternal in org.apache.shiro.web.servlet.AbstractShiroFilter
| 125 | doFilter . . . . . in org.apache.shiro.web.servlet.OncePerRequestFilter
| 1145 | runWorker in java.util.concurrent.ThreadPoolExecutor
| 615 | run . . . . . . . . in java.util.concurrent.ThreadPoolExecutor$Worker
^ 722 | run in java.lang.Thread
{noformat}
Note that the {{grails-shiro}} plugin's default behavior is to call {{filter.redirect}}, which does not result in the above exception being thrown.
A simple sample application that exhibits this issue can be found at https://github.com/mhurne/grails-shiro-forward-on-unauthorized/
To reproduce the issue with the sample application, once the application is up and running, visit http://localhost:8080/grails-shiro-forward-on-unauthorized/home/index . You will be prompted to log in; use username 'user123' and password 'password'. Then you'll see the exception, rather than the expected page telling you that you're not authorized to view {{/home/index}}.