bdawg.io
02/23/2019, 11:13 PMktor-auth
idiomatic way to return a 403 Forbidden
for a found principal?
I am able to authenticate the user with their credentials, but I committed to the clients that I would return a forbidden respond when the user is not authorized with a certain permission.Riccardo Montagnin
02/24/2019, 7:43 PMUserNotAuthorizedException
and catch it inside StatusPages
returning a 403 in that case