SEC-138: Make exception output to Commons Logging, not system console.

2006-01-26 09:36:48 +00:00 · 2006-01-26 09:36:48 +00:00 · 37802e3748
parent 10541fc9db
commit 37802e3748
1 changed files with 18 additions and 8 deletions
--- a/core/src/main/java/org/acegisecurity/intercept/method/MethodInvocationPrivilegeEvaluator.java
+++ b/core/src/main/java/org/acegisecurity/intercept/method/MethodInvocationPrivilegeEvaluator.java
@ -1,4 +1,4 @@
-/* Copyright 2004, 2005 Acegi Technology Pty Limited
+/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
@ -23,6 +23,9 @@ import org.acegisecurity.intercept.AbstractSecurityInterceptor;

 import org.aopalliance.intercept.MethodInvocation;

+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
 import org.springframework.beans.factory.InitializingBean;

 import org.springframework.util.Assert;
@ -46,12 +49,20 @@ import org.springframework.util.Assert;
 * @version $Id$
 */
 public class MethodInvocationPrivilegeEvaluator implements InitializingBean {
+    //~ Static fields/initializers =============================================
+
+    protected static final Log logger = LogFactory.getLog(MethodInvocationPrivilegeEvaluator.class);
+
    //~ Instance fields ========================================================

    private AbstractSecurityInterceptor securityInterceptor;

    //~ Methods ================================================================

+    public void afterPropertiesSet() throws Exception {
+        Assert.notNull(securityInterceptor, "SecurityInterceptor required");
+    }
+
    public boolean isAllowed(MethodInvocation mi, Authentication authentication) {
        Assert.notNull(authentication, "Authentication required");
        Assert.notNull(authentication.getAuthorities(),
@ -76,10 +87,13 @@ public class MethodInvocationPrivilegeEvaluator implements InitializingBean {
        }

        try {
-            securityInterceptor.getAccessDecisionManager().decide(authentication,
-                mi, attrs);
+            securityInterceptor.getAccessDecisionManager()
+                               .decide(authentication, mi, attrs);
        } catch (AccessDeniedException unauthorized) {
-            unauthorized.printStackTrace();
+            if (logger.isDebugEnabled()) {
+                logger.debug(mi.toString() + " denied for "
+                    + authentication.toString(), unauthorized);
+            }

            return false;
        }
@ -98,8 +112,4 @@ public class MethodInvocationPrivilegeEvaluator implements InitializingBean {
            "AbstractSecurityInterceptor must provide a non-null AccessDecisionManager");
        this.securityInterceptor = securityInterceptor;
    }
-
-    public void afterPropertiesSet() throws Exception {
-        Assert.notNull(securityInterceptor, "SecurityInterceptor required");
-    }
 }