wood burning stoves 2.0*
The moose likes Spring and the fly likes Spring Security Handling @PreAuthorize Exception Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Android Security Essentials Live Lessons this week in the Android forum!
JavaRanch » Java Forums » Frameworks » Spring
Bookmark "Spring Security Handling @PreAuthorize Exception " Watch "Spring Security Handling @PreAuthorize Exception " New topic
Author

Spring Security Handling @PreAuthorize Exception

Luis Parente
Ranch Hand

Joined: Jan 17, 2012
Posts: 39
Hi All,

Before all, I want to apologize for my bad English.

Well I'm trying to handle the @PreAuthorize exeception and redirect to my access denied page.


I have two things:

My custom access denied page that is configured and it's work fine. I have add and the jspx, works perfectly except with de PreAuthorize.

I have put in a controller, on top of the method and it's throw an exception if I have another ROLE.

This is my full configuration:

in webmvc-config.xml:


in applicationContext.xml



and it's ok.... in my class SkipMethodCallAccessDecisionManager with a breakpoint in



the exception is caught in InvocableHandlerMethod.class:



And in the browser I have the default error page.....

When and how I do redirect to my custom access denied page?


I need some help please



Thanks in advance.

Best regards.
Mark Spritzler
ranger
Sheriff

Joined: Feb 05, 2001
Posts: 17249
    
    6

One way to have Exceptions directed to a specific page are xml and annotations. Personally, I like the annotation. In Spring MVC you can annotate a Controller method with

@ExceptionHandler({ExceptionClassesAsArrayHere.class})
public String someMethod() {

I can do anything here
return "viewNameForCustomExceptionPage";
}

Sorry I didn't indent it, but is it such small amount of code.

Good Luck

Mark


Perfect World Programming, LLC - Two Laptop Bag - Tube Organizer
How to Ask Questions the Smart Way FAQ
Luis Parente
Ranch Hand

Joined: Jan 17, 2012
Posts: 39
I don't have saw before, but in my file webmvc-config.xml




I have added the definition for my custom access denied page and now it's work


Thanks for your response!
Mark Spritzler
ranger
Sheriff

Joined: Feb 05, 2001
Posts: 17249
    
    6

Yep that is the xml version that I mentioned. I perfer the annotations, but that also works too, just more verbose.

Mark
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Spring Security Handling @PreAuthorize Exception
 
Similar Threads
spring security form based login using database not responding
No AuthenticationEntryPoint could be established
Spring security multiple login pages
No bean named '' is defined
force https in spring security 3