SEC-1103: ExceptionTranslationFilter does not handle JspException #1353

spring-issuemaster opened this Issue Feb 8, 2009 · 2 comments

1 participant


Greg Bowyer (Migrated from SEC-1103) said:

The ExceptionTranslationFilter currently does not handle JspException, this means that when a security exception occurs it is not trapped by the filter, and the security handling is never correctly fired.


Greg Bowyer said:

Attached is a patch that solves the above issue


Luke Taylor said:

This is essentially a view-specific issue and not a bug since the ThrowableAnalyzer is customizable specifically to allow you to handle this kind of behaviour from the view layer. We’d prefer to restrict the web module dependencies to the servlet API.

@spring-issuemaster spring-issuemaster added this to the 3.0.0 M1 milestone Feb 5, 2016
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment