Skip to content

ExceptionTranslationFilter swallowing AccessDeniedException #4630

New issue
New issue
Closed
Closed
ExceptionTranslationFilter swallowing AccessDeniedException#4630
Assignees
rwinch
Labels
in: webAn issue in web modules (web, webmvc)status: duplicateA duplicate of another issue
@diogosantana

Description

@diogosantana
diogosantana
opened on Oct 13, 2017

Summary

ExceptionTranslationFilter.handleSpringSecurityException is swallowing AccessDeniedException when authentication object is anonymous.

Maybe this is as designed, but I trying to capture that exception in my AuthenticationEntryPoint to i18ned it, but I only got InsufficientAuthenticationException with message "Full authentication is required to access this resource".

Should ExceptionTranslationFilter be MessageSourceAware? I can create another issue if yes.

Actual Behavior

Expected Behavior

I will let to you guys to decide the best solution. :)

Configuration

Spring boot default with custom AuthenticationEntryPoint.

Version

spring-security-4.2.3-RELEASE via spring-boot-1.5.7.RELEASE

Sample

I can create one if needed.

Metadata

Metadata

Assignees

Labels

in: webAn issue in web modules (web, webmvc)status: duplicateA duplicate of another issue

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions