org.springframework.security.web.access.AccessDeniedHandler Java Examples

The following examples show how to use org.springframework.security.web.access.AccessDeniedHandler. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: WebSecurityBeanConfig.java    From webauthn4j-spring-security with Apache License 2.0 7 votes vote down vote up
@Bean
public AccessDeniedHandler accessDeniedHandler() {
    LinkedHashMap<Class<? extends AccessDeniedException>, AccessDeniedHandler> errorHandlers = new LinkedHashMap<>();

    // invalid csrf authenticator error handler
    AccessDeniedHandlerImpl invalidCsrfTokenErrorHandler = new AccessDeniedHandlerImpl();
    invalidCsrfTokenErrorHandler.setErrorPage("/api/status/403");
    errorHandlers.put(InvalidCsrfTokenException.class, invalidCsrfTokenErrorHandler);

    // missing csrf authenticator error handler
    AccessDeniedHandlerImpl missingCsrfTokenErrorHandler = new AccessDeniedHandlerImpl();
    missingCsrfTokenErrorHandler.setErrorPage("/api/status/403");
    errorHandlers.put(MissingCsrfTokenException.class, missingCsrfTokenErrorHandler);

    // default error handler
    AccessDeniedHandlerImpl defaultErrorHandler = new AccessDeniedHandlerImpl();
    defaultErrorHandler.setErrorPage("/api/status/403");

    return new DelegatingAccessDeniedHandler(errorHandlers, defaultErrorHandler);
}
 
Example #2
Source File: WebSecurityBeanConfig.java    From webauthn4j-spring-security with Apache License 2.0 6 votes vote down vote up
@Bean
public AccessDeniedHandler accessDeniedHandler() {
    LinkedHashMap<Class<? extends AccessDeniedException>, AccessDeniedHandler> errorHandlers = new LinkedHashMap<>();

    // invalid csrf authenticator error handler
    AccessDeniedHandlerImpl invalidCsrfTokenErrorHandler = new AccessDeniedHandlerImpl();
    invalidCsrfTokenErrorHandler.setErrorPage("/api/status/403");
    errorHandlers.put(InvalidCsrfTokenException.class, invalidCsrfTokenErrorHandler);

    // missing csrf authenticator error handler
    AccessDeniedHandlerImpl missingCsrfTokenErrorHandler = new AccessDeniedHandlerImpl();
    missingCsrfTokenErrorHandler.setErrorPage("/api/status/403");
    errorHandlers.put(MissingCsrfTokenException.class, missingCsrfTokenErrorHandler);

    // default error handler
    AccessDeniedHandlerImpl defaultErrorHandler = new AccessDeniedHandlerImpl();
    defaultErrorHandler.setErrorPage("/api/status/403");

    return new DelegatingAccessDeniedHandler(errorHandlers, defaultErrorHandler);
}
 
Example #3
Source File: ResourceServerConfiguration.java    From spring-security with Apache License 2.0 5 votes vote down vote up
@Bean
public AccessDeniedHandler accessDeniedHandler(){
    return (HttpServletRequest request, HttpServletResponse response, AccessDeniedException accessDeniedException) -> {
        Map<String, Object> map = new HashMap<>();
        map.put("code", 401);
        map.put("msg", "抱歉,没有权限,请联系管理员");
        map.put("path", request.getServletPath());
        map.put("timestamp", System.nanoTime());
        response.setCharacterEncoding(CharsetUtil.UTF_8);
        response.setContentType(MediaType.APPLICATION_JSON_UTF8_VALUE);
        response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
        response.getWriter().write(JSON.toJSONString(map));
    };
}
 
Example #4
Source File: WebSecurityConfig.java    From SpringBootLearn with Apache License 2.0 5 votes vote down vote up
@Autowired
public WebSecurityConfig(JwtAuthenticationEntryPoint unauthorizedHandler,
                         @Qualifier("RestAuthenticationAccessDeniedHandler") AccessDeniedHandler accessDeniedHandler,
                         JwtAuthenticationTokenFilter authenticationTokenFilter) {
    this.unauthorizedHandler = unauthorizedHandler;
    this.accessDeniedHandler = accessDeniedHandler;
    this.authenticationTokenFilter = authenticationTokenFilter;
}
 
Example #5
Source File: ServletSecurityErrorsAutoConfiguration.java    From errors-spring-boot-starter with Apache License 2.0 5 votes vote down vote up
/**
 * Registers a handler to handle to access denied exceptions.
 *
 * @return The registered access denied handler.
 */
@Bean
@ConditionalOnClass(name = "org.springframework.security.web.access.AccessDeniedHandler")
public AccessDeniedHandler accessDeniedHandler() {
    return (request, response, exception) -> {
        if (!response.isCommitted()) {
            request.setAttribute(ERROR_ATTRIBUTE, exception);
            response.sendError(HttpServletResponse.SC_FORBIDDEN);
        }
    };
}
 
Example #6
Source File: WebSecurityConfig.java    From spring-security with Apache License 2.0 5 votes vote down vote up
@Bean
public AccessDeniedHandler accessDeniedHandler(){
    return new AccessDeniedHandler() {
        @Override
        public void handle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AccessDeniedException e) throws IOException, ServletException {
            httpServletResponse.setContentType("application/json;charset=utf-8");
            PrintWriter out = httpServletResponse.getWriter();
            out.write("{\"status\":\"error\",\"msg\":\"权限不足\"}");
            out.flush();
            out.close();
        }
    };
}
 
Example #7
Source File: ResourceServerConfiguration.java    From spring-security with Apache License 2.0 5 votes vote down vote up
@Bean
public AccessDeniedHandler accessDeniedHandler(){
    return (HttpServletRequest request, HttpServletResponse response, AccessDeniedException accessDeniedException) -> {
        Map<String, Object> map = new HashMap<>();
        map.put("code", 401);
        map.put("msg", "抱歉,没有权限,请联系管理员李浩东");
        map.put("path", request.getServletPath());
        map.put("timestamp", System.nanoTime());
        response.setCharacterEncoding(CharsetUtil.UTF_8);
        response.setContentType(MediaType.APPLICATION_JSON_UTF8_VALUE);
        response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
        response.getWriter().write(JSON.toJSONString(map));
    };
}
 
Example #8
Source File: WebSecurityConfig.java    From api-server-seed with Apache License 2.0 5 votes vote down vote up
@Autowired
    public WebSecurityConfig(JwtAuthenticationEntryPoint unauthorizedHandler,
                             @Qualifier("RestAuthenticationAccessDeniedHandler") AccessDeniedHandler accessDeniedHandler,
                             @Qualifier("myUserDetailsService") UserDetailsService myUserDetailsService
//                             JwtAuthenticationTokenFilter authenticationTokenFilter
    ) {
        this.unauthorizedHandler = unauthorizedHandler;
        this.accessDeniedHandler = accessDeniedHandler;
        this.userDetailsService = myUserDetailsService;
//        this.authenticationTokenFilter = authenticationTokenFilter;
    }
 
Example #9
Source File: SpringSecurityConfig.java    From spring-boot-blog with Apache License 2.0 4 votes vote down vote up
@Autowired
public SpringSecurityConfig(AccessDeniedHandler accessDeniedHandler, DataSource dataSource) {
    this.accessDeniedHandler = accessDeniedHandler;
    this.dataSource = dataSource;
}
 
Example #10
Source File: BaseSecurityConfig.java    From spring-boot-doma2-sample with Apache License 2.0 4 votes vote down vote up
@Bean
public AccessDeniedHandler accessDeniedHandler() {
    return new DefaultAccessDeniedHandler();
}
 
Example #11
Source File: SecurityHandlerConfig.java    From spring-boot-demo with MIT License 4 votes vote down vote up
@Bean
public AccessDeniedHandler accessDeniedHandler() {
    return (request, response, accessDeniedException) -> ResponseUtil.renderJson(response, Status.ACCESS_DENIED, null);
}
 
Example #12
Source File: ApiBootWebSecurityJdbcAutoConfiguration.java    From api-boot with Apache License 2.0 4 votes vote down vote up
public ApiBootWebSecurityJdbcAutoConfiguration(ApiBootSecurityProperties apiBootSecurityProperties, ObjectProvider<AccessDeniedHandler> accessDeniedHandler, ObjectProvider<AuthenticationEntryPoint> authenticationEntryPoint) {
    super(apiBootSecurityProperties, accessDeniedHandler.getIfAvailable(), authenticationEntryPoint.getIfAvailable());
}
 
Example #13
Source File: SecurityConfig.java    From Spring-Security-Third-Edition with MIT License 4 votes vote down vote up
@Bean
public AccessDeniedHandler nonRedirectingAccessDeniedHandler(){
    return new AccessDeniedHandlerImpl();
}
 
Example #14
Source File: OpenApiSecurityConfigurer.java    From spring-backend-boilerplate with Apache License 2.0 4 votes vote down vote up
@Bean
public AccessDeniedHandler accessDeniedHandlerImpl() {
    return new AccessDeniedHandlerRestImpl();
}
 
Example #15
Source File: SpringSecurityConfig.java    From spring-boot-shopping-cart with GNU General Public License v3.0 4 votes vote down vote up
@Autowired
public SpringSecurityConfig(AccessDeniedHandler accessDeniedHandler, DataSource dataSource) {
    this.accessDeniedHandler = accessDeniedHandler;
    this.dataSource = dataSource;
}
 
Example #16
Source File: FebsSecurityConfig.java    From FEBS-Security with Apache License 2.0 4 votes vote down vote up
@Bean
public AccessDeniedHandler accessDeniedHandler() {
    return new FebsAuthenticationAccessDeniedHandler();
}
 
Example #17
Source File: SecurityHandlerConfig.java    From spring-boot-demo with MIT License 4 votes vote down vote up
@Bean
public AccessDeniedHandler accessDeniedHandler() {
    return (request, response, accessDeniedException) -> ResponseUtil.renderJson(response, Status.ACCESS_DENIED, null);
}
 
Example #18
Source File: ServletConfig.java    From errors-spring-boot-starter with Apache License 2.0 4 votes vote down vote up
public ServletConfig(AccessDeniedHandler accessDeniedHandler, AuthenticationEntryPoint authenticationEntryPoint) {
    this.accessDeniedHandler = accessDeniedHandler;
    this.authenticationEntryPoint = authenticationEntryPoint;
}
 
Example #19
Source File: WebSecurityContext.java    From syncope with Apache License 2.0 4 votes vote down vote up
@Bean
public AccessDeniedHandler accessDeniedHandler() {
    return new SyncopeAccessDeniedHandler();
}
 
Example #20
Source File: SecSecurityConfig.java    From tutorials with MIT License 4 votes vote down vote up
@Bean
public AccessDeniedHandler accessDeniedHandler() {
    return new CustomAccessDeniedHandler();
}
 
Example #21
Source File: SecurityConfig.java    From tutorials with MIT License 4 votes vote down vote up
/**
 * Login, Logout, Success, and Access Denied beans/handlers
 */

@Bean
public AccessDeniedHandler accessDeniedHandler() {
    return new CustomAccessDeniedHandler();
}
 
Example #22
Source File: ApiBootWebSecurityMemoryAutoConfiguration.java    From api-boot with Apache License 2.0 4 votes vote down vote up
public ApiBootWebSecurityMemoryAutoConfiguration(ApiBootSecurityProperties apiBootSecurityProperties, ObjectProvider<AccessDeniedHandler> accessDeniedHandler, ObjectProvider<AuthenticationEntryPoint> authenticationEntryPoint) {
    super(apiBootSecurityProperties, accessDeniedHandler.getIfAvailable(), authenticationEntryPoint.getIfAvailable());
}
 
Example #23
Source File: ApiBootWebSecurityAutoConfiguration.java    From api-boot with Apache License 2.0 4 votes vote down vote up
public ApiBootWebSecurityAutoConfiguration(ApiBootSecurityProperties apiBootSecurityProperties, AccessDeniedHandler accessDeniedHandler, AuthenticationEntryPoint authenticationEntryPoint) {
    this.apiBootSecurityProperties = apiBootSecurityProperties;
    this.accessDeniedHandler = accessDeniedHandler;
    this.authenticationEntryPoint = authenticationEntryPoint;
}
 
Example #24
Source File: SecurityHandlerConfig.java    From spring-boot-demo with MIT License 4 votes vote down vote up
@Bean
public AccessDeniedHandler accessDeniedHandler() {
    return (request, response, accessDeniedException) -> ResponseUtil.renderJson(response, Status.ACCESS_DENIED, null);
}
 
Example #25
Source File: PreCheckFilter.java    From open-cloud with MIT License 4 votes vote down vote up
public PreCheckFilter(AccessManager accessManager, AccessDeniedHandler accessDeniedHandler) {
    this.accessManager = accessManager;
    this.accessDeniedHandler = accessDeniedHandler;
}
 
Example #26
Source File: CustomResourceServerConfig.java    From spring-microservice-exam with MIT License 4 votes vote down vote up
@Bean
@ConditionalOnMissingBean(AccessDeniedHandler.class)
public AccessDeniedHandler accessDeniedHandler() {
    return new CustomAccessDeniedHandler(objectMapper);
}
 
Example #27
Source File: SecurityConfig.java    From spring-microservice-exam with MIT License 4 votes vote down vote up
@Bean
public AccessDeniedHandler accessDeniedHandler() {
   	return new CustomOAuth2AccessDeniedHandler();
}
 
Example #28
Source File: ApiBootWebSecurityJdbcAutoConfiguration.java    From beihu-boot with Apache License 2.0 4 votes vote down vote up
public ApiBootWebSecurityJdbcAutoConfiguration(ApiBootSecurityProperties apiBootSecurityProperties, ObjectProvider<AccessDeniedHandler> accessDeniedHandler, ObjectProvider<AuthenticationEntryPoint> authenticationEntryPoint) {
    super(apiBootSecurityProperties, accessDeniedHandler.getIfAvailable(), authenticationEntryPoint.getIfAvailable());
}
 
Example #29
Source File: ApiBootWebSecurityMemoryAutoConfiguration.java    From beihu-boot with Apache License 2.0 4 votes vote down vote up
public ApiBootWebSecurityMemoryAutoConfiguration(ApiBootSecurityProperties apiBootSecurityProperties, ObjectProvider<AccessDeniedHandler> accessDeniedHandler, ObjectProvider<AuthenticationEntryPoint> authenticationEntryPoint) {
    super(apiBootSecurityProperties, accessDeniedHandler.getIfAvailable(), authenticationEntryPoint.getIfAvailable());
}
 
Example #30
Source File: ApiBootWebSecurityAutoConfiguration.java    From beihu-boot with Apache License 2.0 4 votes vote down vote up
public ApiBootWebSecurityAutoConfiguration(ApiBootSecurityProperties apiBootSecurityProperties, AccessDeniedHandler accessDeniedHandler, AuthenticationEntryPoint authenticationEntryPoint) {
    this.apiBootSecurityProperties = apiBootSecurityProperties;
    this.accessDeniedHandler = accessDeniedHandler;
    this.authenticationEntryPoint = authenticationEntryPoint;
}