public final class ExceptionHandlingConfigurer<H extends HttpSecurityBuilder<H>> extends AbstractHttpConfigurer<ExceptionHandlingConfigurer<H>,H>
SecurityConfigurer
.
RequestCache
, is provided a RequestCache
shared
object is used to replay the request after authentication is successfulAuthenticationEntryPoint
- see
authenticationEntryPoint(AuthenticationEntryPoint)
Constructor and Description |
---|
ExceptionHandlingConfigurer()
Creates a new instance
|
disable, withObjectPostProcessor
addObjectPostProcessor, and, getBuilder, init, postProcess, setBuilder
public ExceptionHandlingConfigurer()
HttpSecurity.exceptionHandling()
public ExceptionHandlingConfigurer<H> accessDeniedPage(java.lang.String accessDeniedUrl)
AccessDeniedHandler
to be used is a specific error
pageaccessDeniedUrl
- the URL to the access denied page (i.e. /errors/401)ExceptionHandlingConfigurer
for further customizationAccessDeniedHandlerImpl
,
accessDeniedHandler(org.springframework.security.web.access.AccessDeniedHandler)
public ExceptionHandlingConfigurer<H> accessDeniedHandler(AccessDeniedHandler accessDeniedHandler)
AccessDeniedHandler
to be usedaccessDeniedHandler
- the AccessDeniedHandler
to be usedExceptionHandlingConfigurer
for further customizationpublic ExceptionHandlingConfigurer<H> defaultAccessDeniedHandlerFor(AccessDeniedHandler deniedHandler, RequestMatcher preferredMatcher)
AccessDeniedHandler
to be used which prefers being
invoked for the provided RequestMatcher
. If only a single default
AccessDeniedHandler
is specified, it will be what is used for the
default AccessDeniedHandler
. If multiple default
AccessDeniedHandler
instances are configured, then a
RequestMatcherDelegatingAccessDeniedHandler
will be used.deniedHandler
- the AccessDeniedHandler
to usepreferredMatcher
- the RequestMatcher
for this default
AccessDeniedHandler
ExceptionHandlingConfigurer
for further customizationspublic ExceptionHandlingConfigurer<H> authenticationEntryPoint(AuthenticationEntryPoint authenticationEntryPoint)
AuthenticationEntryPoint
to be used.
If no authenticationEntryPoint(AuthenticationEntryPoint)
is specified,
then
defaultAuthenticationEntryPointFor(AuthenticationEntryPoint, RequestMatcher)
will be used. The first AuthenticationEntryPoint
will be used as the
default if no matches were found.
If that is not provided defaults to Http403ForbiddenEntryPoint
.
authenticationEntryPoint
- the AuthenticationEntryPoint
to useExceptionHandlingConfigurer
for further customizationspublic ExceptionHandlingConfigurer<H> defaultAuthenticationEntryPointFor(AuthenticationEntryPoint entryPoint, RequestMatcher preferredMatcher)
AuthenticationEntryPoint
to be used which prefers being
invoked for the provided RequestMatcher
. If only a single default
AuthenticationEntryPoint
is specified, it will be what is used for the
default AuthenticationEntryPoint
. If multiple default
AuthenticationEntryPoint
instances are configured, then a
DelegatingAuthenticationEntryPoint
will be used.entryPoint
- the AuthenticationEntryPoint
to usepreferredMatcher
- the RequestMatcher
for this default
AuthenticationEntryPoint
ExceptionHandlingConfigurer
for further customizationspublic void configure(H http)
SecurityConfigurer
SecurityBuilder
by setting the necessary properties on the
SecurityBuilder
.configure
in interface SecurityConfigurer<DefaultSecurityFilterChain,H extends HttpSecurityBuilder<H>>
configure
in class SecurityConfigurerAdapter<DefaultSecurityFilterChain,H extends HttpSecurityBuilder<H>>