How to handle HTTP 403 with Spring Security 3.0.x -

-

i'm facing little issue spring security 3.0.x (3.0.2 in particular @ moment). whole application i'm working on working except when doesn't have authorities tries log on.

when occurs, users redirected "welcome" page, since username/password valid, , receive cute white page : "error 403: access denied"

so, i've been looking on net trying find how behavior can handled. far i've come conclusion, please correct me if i'm wrong, managed exceptiontranslationfilter. don't quite understand how make use of information.

i've tryied edit securitycontext.xml add access-denied-handler tag http tag, doesn't work. need add more tag make work? there other possibilities make application more user-friendly?

edit : redirect page, let's says 403.html, example.

sincerly,
thanks

i still don't why had implement own access handler... have faced same task:

 <security:access-denied-handler error-page="/accessdenied"/> - works charm.

don't forget specify handler in controller:

 @requestmapping(value = "/accessdenied")       public string accessdenied() {              return "accessdenied"; // logical view name        }

update spring boot(2014 oct):

@configuration @enablewebsecurity public class securityconfiguration extends websecurityconfigureradapter {      @override     protected void configure(httpsecurity http) throws exception {         http.exceptionhandling().accessdeniedhandler(customhandler) or .accessdeniedpage("/somepage.html").and             .formlogin()                 .failurehandler(ajaxauthenticationfailurehandler)}

nowadays don't return views such task since angular js kicks in can use failure/success handler , return tailored json responses. sufficient use failure handler choose want control kick in. don't use view resolvers there ui tiles frameworks(such angular partials) able construct pieces single page you. html pieces stored on server , served static resources.

lets play embedded tomcat achieve similar behavior web.xml !

@configuration @enableautoconfiguration public class applicationwebxml extends springbootservletinitializer {  private static final logger logger = loggerfactory.getlogger(application.class);  @override protected springapplicationbuilder configure(springapplicationbuilder application) {     return application.profiles(adddefaultprofile())             .showbanner(false)             .sources(application.class); }  //required container customizer work, numerous tutorials didn't work me, tried overriding default 1 @bean public embeddedservletcontainerfactory servletcontainer() {     tomcatembeddedservletcontainerfactory tomcat = new tomcatembeddedservletcontainerfactory();     return tomcat; }  @bean public embeddedservletcontainercustomizer containercustomizer(  ) {     return new embeddedservletcontainercustomizer() {         @override         public void customize(configurableembeddedservletcontainer container) {             tomcatembeddedservletcontainerfactory containerfactory = (tomcatembeddedservletcontainerfactory) container;              containerfactory.setsessiontimeout(1); // interest, remove necessary              containerfactory.adderrorpages(new errorpage(httpstatus.forbidden,"/views/accessdenied.html"),                     new errorpage(httpstatus.not_found,"/views/notfound.html"));             containerfactory.addconnectorcustomizers(new tomcatconnectorcustomizer() {                 @override                 public void customize(connector connector) {                     connector.setport(8082);// interest, remove necessary                 }             });         }     }; }

}


Comments

Post a Comment

Popular posts from this blog

android - Spacing between the stars of a rating bar? -

-
ho can set spacing beween stars? thats ratingbar: ratingbar = (ratingbar) inflater.inflate(r.layout.ratingbar, null); ratingbar.setlayoutparams(new layoutparams(layoutparams.wrap_content, layoutparams.wrap_content)); the layout: <?xml version="1.0" encoding="utf-8"?> <ratingbar xmlns:android="http://schemas.android.com/apk/res/android" style="@style/mystyle" android:layout_alignparentright="true" android:layout_height="19dp" android:layout_width="wrap_content" android:numstars="5"> </ratingbar> the style: <style name="mystyle" parent="@android:style/widget.ratingbar"> <item name="android:progressdrawable">@drawable/android_r2_ratingstar_yellow</item> <item name="android:indeterminatedrawable">@drawable/android_r2_ratingstar_grey</item> </style> thanks, cheers you have
Read more

aspxgridview - Devexpress grid - header filter does not work if column is initially hidden -

-
i'm using devexpress grid , i'm trying 'country' column display header filter properly: <dx:gridviewdatacolumn caption="country" fieldname="countryname" showincustomizationform="true" visible="false"> <settings allowheaderfilter="true"/> </dx:gridviewdatacolumn> if 'country' column set visible='true', header filter displayed should(it shows value option list). however, want 'country' column hidden, available in customization window(like in code above). in case, when column dragged outside customization window , grid , header filter clicked, javascript error encountered: element null element.addeventlistener(eventname, func, true); is known bug? there workarounds? set aspxgridview.settings.showheaderfilterbutton property true resolve problem. the following markup works fine me (i using dxperience 10.1.7): <asp:accessdatasource id="accessda
Read more

c# - How to execute a particular part of code asynchronously in a class -

-
i creating speech recognition engine that's going respond user commands.i have created button enable , disable speech recognition per user convenience.i have used dispose() of speech engine disable speech recoginition.here code private void button1_click(object sender, routedeventargs e) { engineon = !engineon; if (engineon) { speechengine = speech.createspeechengine(); //speech class creates , returns new speech engine. speechengine.audiolevelupdated += new eventhandler<audiolevelupdatedeventargs>(speechengine_audiolevelupdated); // use system's default microphone speechengine.setinputtodefaultaudiodevice(); speechengine.loadgrammar(new dictationgrammar()); // start listening speechengine.recognizeasync(recognizemode.multiple); } else { speechclass.myengine.dispose(); } } but disposal of speech obj
Read more