Announcement Announcement Module
Collapse
No announcement yet.
How to handle the customize AccessDeniedException in the spring security. Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • How to handle the customize AccessDeniedException in the spring security.

    This is my configure xml:
    HTML Code:
    <?xml version="1.0" encoding="UTF-8"?>
    <beans:beans xmlns="http://www.springframework.org/schema/security"
    	xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    	xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
                            http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.0.xsd">
    
    	<http auto-config="true">
    		<custom-filter position="PRE_AUTH_FILTER" ref="myFilter" />
    	</http>
    
    	<beans:bean id="myFilter"
    		class="com.sysatwork.keysafe.filter.IpAddressFilter">
                    <beans:property name="validIPs" value="127.0.0.1" />
    	</beans:bean>
    
    	<authentication-manager />
    </beans:beans>
    And I throw AccessDeniedException in my filter if the ip is not valid. But the spring security did not handle this exception. It turns to my default 500 error page defined in my web.xml instead of turns to my default 403 error page.

    Pls help me , Tks

  • #2
    The ExcpetionTranslationFilter will only catch exceptions that happen after it in the FilterChain.

    PS: if you haven't considered it already, you might look into using Spring Security's hasIpAddress.

    Comment

    Working...
    X