I would like to use two different pages for error handling in spring security.
In case the user does not have permission to access a web page I redirect him to an access denied page using the following
<security:intercept-url pattern="/denied" access="permitAll" />
<security:access-denied-handler error-page="/denied" />
However, if an user mistype an url (404 page not found) I want the user redirected to error.jsp page. At the moment this is redirected automatically by spring to the access denied page. How can I distinguish the two in Spring security
This my Error Handler
@ControllerAdvice
public class ErrorHandler
{
@ExceptionHandler(AccessDeniedException.class)
public String handleAccessException(AccessDeniedException ex)
{
return "denied";
}
// This is my attempt
@ExceptionHandler(Throwable.class)
public String handleAnyException(Throwable ex)
{
return "error";
}
}
Thanks
Aucun commentaire:
Enregistrer un commentaire