SEC-2148: AccessDecisionVoters should return an AccessDecision instead of int #2374
Labels
in: core
An issue in spring-security-core
type: enhancement
A general enhancement
type: jira
An issue that was migrated from JIRA
Comments
spring-projects-issues
added
in: core
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Janning Vygen (Migrated from SEC-2148) said:
An AccessDecisionManager throws an AccessDeniedException (ADE) which is handled later by an ExceptionTranslationFilter and AccessDeniedHandler. Inside AccessDeniedHandler we would like to forward to different error pages depending on the cause of the ADE.
But the AccessDecisionManager is just asking AccessDecisionVoter and it just returns an int for ACCESS_GRANTED or ACCESS_DENIED. It would be nice if an AccessDecisionVoter would return an AccessDecision which can hold the pure decision like granted/denied and a cause if the access was denied.
The AccessDecisionManager could then throw an ADE containing the accessDecision. The AccessDeniedHandler can grab this decision and decide what to show to the user.
The text was updated successfully, but these errors were encountered: