Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Already on GitHub? Sign in to your account

SEC-1103: ExceptionTranslationFilter does not handle JspException #1353

Closed
spring-issuemaster opened this Issue Feb 8, 2009 · 2 comments

Comments

Projects
None yet
1 participant

Greg Bowyer(Migrated from SEC-1103) said:

The ExceptionTranslationFilter currently does not handle JspException, this means that when a security exception occurs it is not trapped by the filter, and the security handling is never correctly fired.

Greg Bowyer said:

Attached is a patch that solves the above issue

Luke Taylor said:

This is essentially a view-specific issue and not a bug since the ThrowableAnalyzer is customizable specifically to allow you to handle this kind of behaviour from the view layer. We’d prefer to restrict the web module dependencies to the servlet API.

@spring-issuemaster spring-issuemaster added this to the 3.0.0 M1 milestone Feb 5, 2016

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment