View Javadoc
1   package org.itracker.web.security;
2   
3   import org.slf4j.Logger;
4   import org.slf4j.LoggerFactory;
5   import org.springframework.security.access.AccessDeniedException;
6   import org.springframework.security.web.DefaultRedirectStrategy;
7   import org.springframework.security.web.RedirectStrategy;
8   import org.springframework.security.web.access.AccessDeniedHandler;
9   
10  import javax.servlet.ServletException;
11  import javax.servlet.http.HttpServletRequest;
12  import javax.servlet.http.HttpServletResponse;
13  import java.io.IOException;
14  
15  public class DefaultAccessDeniedHandler implements AccessDeniedHandler {
16      private static final Logger log = LoggerFactory.getLogger(DefaultAccessDeniedHandler.class);
17      private RedirectStrategy redirectStrategy = new DefaultRedirectStrategy();
18      private String unauthorizedUrl ="/";
19  
20      @Override
21      public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException accessDeniedException) throws IOException, ServletException {
22      //
23          log.warn("access was denied for " + request.getServletPath(), accessDeniedException);
24  
25          getRedirectStrategy().sendRedirect(request, response, unauthorizedUrl);
26      }
27  
28      public String getUnauthorizedUrl() {
29          return unauthorizedUrl;
30      }
31  
32      public void setUnauthorizedUrl(String unauthorizedUrl) {
33          this.unauthorizedUrl = unauthorizedUrl;
34      }
35  
36      public RedirectStrategy getRedirectStrategy() {
37          return redirectStrategy;
38      }
39  
40      public void setRedirectStrategy(RedirectStrategy redirectStrategy) {
41          this.redirectStrategy = redirectStrategy;
42      }
43  }