AccessDeniedHandlerImpl (spring-security-docs-manual 5.4.8 API)

Skip navigation links

All Classes

Summary:
Nested |
Field |
Constr |
Method

Detail:
Field |
Constr |
Method

java.lang.Object
- org.springframework.security.web.access.AccessDeniedHandlerImpl

All Implemented Interfaces:

AccessDeniedHandler
```
public class AccessDeniedHandlerImpl
extends java.lang.Object
implements AccessDeniedHandler
```
Base implementation of AccessDeniedHandler.
This implementation sends a 403 (SC_FORBIDDEN) HTTP error code. In addition, if an errorPage is defined, the implementation will perform a request dispatcher "forward" to the specified error page view. Being a "forward", the SecurityContextHolder will remain populated. This is of benefit if the view (or a tag library or macro) wishes to access the SecurityContextHolder. The request scope will also be populated with the exception itself, available from the key WebAttributes.ACCESS_DENIED_403.

Field Summary

Fields
Modifier and Type Field and Description

protected static org.apache.commons.logging.Log logger

Constructor Summary

Constructors
Constructor and Description

AccessDeniedHandlerImpl()

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`void`	`handle(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, AccessDeniedException accessDeniedException)` Handles an access denied failure.
`void`	`setErrorPage(java.lang.String errorPage)` The error page to use.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Field Detail
  - logger
```
protected static final org.apache.commons.logging.Log logger
```
- Constructor Detail
  - AccessDeniedHandlerImpl
```
public AccessDeniedHandlerImpl()
```
- Method Detail
  - handle
```
public void handle(javax.servlet.http.HttpServletRequest request,
                   javax.servlet.http.HttpServletResponse response,
                   AccessDeniedException accessDeniedException)
            throws java.io.IOException,
                   javax.servlet.ServletException
```
    Description copied from interface: AccessDeniedHandler
    
    Handles an access denied failure.
    
    Specified by:
    
    handle in interface AccessDeniedHandler
    
    Parameters:
    
    request - that resulted in an AccessDeniedException
    
    response - so that the user agent can be advised of the failure
    
    accessDeniedException - that caused the invocation
    
    Throws:
    
    java.io.IOException - in the event of an IOException
    
    javax.servlet.ServletException - in the event of a ServletException
  - setErrorPage
```
public void setErrorPage(java.lang.String errorPage)
```
    The error page to use. Must begin with a "/" and is interpreted relative to the current context root.
    
    Parameters:
    
    errorPage - the dispatcher path to display
    
    Throws:
    
    java.lang.IllegalArgumentException - if the argument doesn't comply with the above limitations

Skip navigation links

All Classes

Summary:
Nested |
Field |
Constr |
Method

Detail:
Field |
Constr |
Method