Luke Taylor(Migrated from SEC-1136) said:
There is no longer much purpose in having a single base exception throughout the framework, given the diversity of uses. It would make more sense to have the base exceptions for the core areas of functionality (acls, access-failure, authentication-failure etc) extend NestedRuntimeException individually as the Spring Framework does.
Luke Taylor said:
I’ve introduced a new base class for Acl exceptions. ExceptionTranslationFilter now checks explicitly or AccessDeniedException and AuthenticationException (as it really should) and Jaas exceptions are translated to AuthenticationException instances.
In retrospect, there’s no need to use NestedRuntimeException anymore as basic Java classes now all provide access to the root cause.