[SPRING] 스프링 보안에서 AccessDeniedException을 처리하는 방법?
SPRING스프링 보안에서 AccessDeniedException을 처리하는 방법?
나는 스프링 보안 3을 사용하고 있는데 AccessDeniedException이 던져 질 때마다 사용자가 특정 페이지로 리다이렉트된다.
org.springframework.security.access.AccessDeniedException: Access is denied
at org.springframework.security.access.vote.AffirmativeBased.decide(AffirmativeBased.java:71)
at org.springframework.security.access.intercept.AbstractSecurityInterceptor.beforeInvocation(AbstractSecurityInterceptor.java:203)
at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:106)
at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:83)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)
at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:97)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)
at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:78)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)
at org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter.doFilter(RememberMeAuthenticationFilter.java:112)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)
at org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:54)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)
at org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:35)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)
at org.springframework.security.web.authentication.www.BasicAuthenticationFilter.doFilter(BasicAuthenticationFilter.java:177)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)
at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:187)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)
at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:105)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)
at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:79)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)
at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:169)
at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:237)
at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:167)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
at org.springframework.orm.hibernate3.support.OpenSessionInViewFilter.doFilterInternal(OpenSessionInViewFilter.java:198)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:76)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:224)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:169)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:472)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:168)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:100)
at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:929)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:405)
at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:964)
at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:515)
at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:302)
at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
at java.lang.Thread.run(Thread.java:619)
그래서 나는 접근 거부 된 처리자를 사용하려고 시도했다. 여기 처리기가 있습니다.
@Service("accessDeniedHandler")
public class AccessDeniedHandler extends AccessDeniedHandlerImpl {
Log log = LogFactory.getLog(getClass());
@Override
public void handle(HttpServletRequest request,
HttpServletResponse response, AccessDeniedException exception)
throws IOException, ServletException {
log.info("############### Access Denied Handler!");
setErrorPage("/accessDenied");
super.handle(request, response, exception);
}
}
하지만 문제 : 그 예외가 던져 질 때, 그것은 accessDeniedHandler 클래스를 입력하지 않습니다, 제발 조언입니다.
업데이트 : 나는 예외 콩의 솔루션을 시도하고, 여전히 동일한 동작을 받고, 예외가 발생하지만, 리다이렉션은 accessDenied 페이지에 발생하지 않습니다.
로그 :
2012-01-08/12:33:43.610 [http-bio-8080-exec-8] DEBUG Converted URL to lowercase, from: '/'; to: '/'
2012-01-08/12:33:43.610 [http-bio-8080-exec-8] DEBUG Converted URL to lowercase, from: '/'; to: '/'
2012-01-08/12:33:43.610 [http-bio-8080-exec-8] DEBUG Candidate is: '/'; pattern is /**; matched=true
2012-01-08/12:33:43.610 [http-bio-8080-exec-8] DEBUG Candidate is: '/'; pattern is /**; matched=true
2012-01-08/12:33:43.610 [http-bio-8080-exec-8] DEBUG / at position 1 of 10 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
2012-01-08/12:33:43.610 [http-bio-8080-exec-8] DEBUG / at position 1 of 10 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
2012-01-08/12:33:43.611 [http-bio-8080-exec-8] DEBUG HttpSession returned null object for SPRING_SECURITY_CONTEXT
2012-01-08/12:33:43.611 [http-bio-8080-exec-8] DEBUG HttpSession returned null object for SPRING_SECURITY_CONTEXT
2012-01-08/12:33:43.611 [http-bio-8080-exec-8] DEBUG No SecurityContext was available from the HttpSession: org.apache.catalina.session.StandardSessionFacade@5b7da0d1. A new one will be created.
2012-01-08/12:33:43.611 [http-bio-8080-exec-8] DEBUG No SecurityContext was available from the HttpSession: org.apache.catalina.session.StandardSessionFacade@5b7da0d1. A new one will be created.
2012-01-08/12:33:43.611 [http-bio-8080-exec-8] DEBUG / at position 2 of 10 in additional filter chain; firing Filter: 'LogoutFilter'
2012-01-08/12:33:43.611 [http-bio-8080-exec-8] DEBUG / at position 2 of 10 in additional filter chain; firing Filter: 'LogoutFilter'
2012-01-08/12:33:43.611 [http-bio-8080-exec-8] DEBUG / at position 3 of 10 in additional filter chain; firing Filter: 'UsernamePasswordAuthenticationFilter'
2012-01-08/12:33:43.611 [http-bio-8080-exec-8] DEBUG / at position 3 of 10 in additional filter chain; firing Filter: 'UsernamePasswordAuthenticationFilter'
2012-01-08/12:33:43.611 [http-bio-8080-exec-8] DEBUG / at position 4 of 10 in additional filter chain; firing Filter: 'BasicAuthenticationFilter'
2012-01-08/12:33:43.611 [http-bio-8080-exec-8] DEBUG / at position 4 of 10 in additional filter chain; firing Filter: 'BasicAuthenticationFilter'
2012-01-08/12:33:43.611 [http-bio-8080-exec-8] DEBUG / at position 5 of 10 in additional filter chain; firing Filter: 'RequestCacheAwareFilter'
2012-01-08/12:33:43.611 [http-bio-8080-exec-8] DEBUG / at position 5 of 10 in additional filter chain; firing Filter: 'RequestCacheAwareFilter'
2012-01-08/12:33:43.611 [http-bio-8080-exec-8] DEBUG pathInfo: both null (property equals)
2012-01-08/12:33:43.611 [http-bio-8080-exec-8] DEBUG pathInfo: both null (property equals)
2012-01-08/12:33:43.611 [http-bio-8080-exec-8] DEBUG queryString: both null (property equals)
2012-01-08/12:33:43.611 [http-bio-8080-exec-8] DEBUG queryString: both null (property equals)
2012-01-08/12:33:43.611 [http-bio-8080-exec-8] DEBUG requestURI: arg1=/MyApp/; arg2=/MyApp/ (property equals)
2012-01-08/12:33:43.611 [http-bio-8080-exec-8] DEBUG requestURI: arg1=/MyApp/; arg2=/MyApp/ (property equals)
2012-01-08/12:33:43.611 [http-bio-8080-exec-8] DEBUG serverPort: arg1=8080; arg2=8080 (property equals)
2012-01-08/12:33:43.611 [http-bio-8080-exec-8] DEBUG serverPort: arg1=8080; arg2=8080 (property equals)
2012-01-08/12:33:43.611 [http-bio-8080-exec-8] DEBUG requestURL: arg1=http://localhost:8080/MyApp/; arg2=http://localhost:8080/MyApp/ (property equals)
2012-01-08/12:33:43.611 [http-bio-8080-exec-8] DEBUG requestURL: arg1=http://localhost:8080/MyApp/; arg2=http://localhost:8080/MyApp/ (property equals)
2012-01-08/12:33:43.611 [http-bio-8080-exec-8] DEBUG scheme: arg1=http; arg2=http (property equals)
2012-01-08/12:33:43.611 [http-bio-8080-exec-8] DEBUG scheme: arg1=http; arg2=http (property equals)
2012-01-08/12:33:43.612 [http-bio-8080-exec-8] DEBUG serverName: arg1=localhost; arg2=localhost (property equals)
2012-01-08/12:33:43.612 [http-bio-8080-exec-8] DEBUG serverName: arg1=localhost; arg2=localhost (property equals)
2012-01-08/12:33:43.612 [http-bio-8080-exec-8] DEBUG contextPath: arg1=/MyApp; arg2=/MyApp (property equals)
2012-01-08/12:33:43.612 [http-bio-8080-exec-8] DEBUG contextPath: arg1=/MyApp; arg2=/MyApp (property equals)
2012-01-08/12:33:43.612 [http-bio-8080-exec-8] DEBUG servletPath: arg1=/; arg2=/ (property equals)
2012-01-08/12:33:43.612 [http-bio-8080-exec-8] DEBUG servletPath: arg1=/; arg2=/ (property equals)
2012-01-08/12:33:43.612 [http-bio-8080-exec-8] DEBUG Removing DefaultSavedRequest from session if present
2012-01-08/12:33:43.612 [http-bio-8080-exec-8] DEBUG Removing DefaultSavedRequest from session if present
2012-01-08/12:33:43.612 [http-bio-8080-exec-8] DEBUG / at position 6 of 10 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
2012-01-08/12:33:43.612 [http-bio-8080-exec-8] DEBUG / at position 6 of 10 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
2012-01-08/12:33:43.612 [http-bio-8080-exec-8] DEBUG / at position 7 of 10 in additional filter chain; firing Filter: 'RememberMeAuthenticationFilter'
2012-01-08/12:33:43.612 [http-bio-8080-exec-8] DEBUG / at position 7 of 10 in additional filter chain; firing Filter: 'RememberMeAuthenticationFilter'
2012-01-08/12:33:43.612 [http-bio-8080-exec-8] DEBUG / at position 8 of 10 in additional filter chain; firing Filter: 'AnonymousAuthenticationFilter'
2012-01-08/12:33:43.612 [http-bio-8080-exec-8] DEBUG / at position 8 of 10 in additional filter chain; firing Filter: 'AnonymousAuthenticationFilter'
2012-01-08/12:33:43.612 [http-bio-8080-exec-8] DEBUG Populated SecurityContextHolder with anonymous token: 'org.springframework.security.authentication.AnonymousAuthenticationToken@90576bf4: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@21a2c: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: 7F9F9C2E2922F5072EE36B6FBCFE8837; Granted Authorities: ROLE_ANONYMOUS'
2012-01-08/12:33:43.612 [http-bio-8080-exec-8] DEBUG Populated SecurityContextHolder with anonymous token: 'org.springframework.security.authentication.AnonymousAuthenticationToken@90576bf4: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@21a2c: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: 7F9F9C2E2922F5072EE36B6FBCFE8837; Granted Authorities: ROLE_ANONYMOUS'
2012-01-08/12:33:43.612 [http-bio-8080-exec-8] DEBUG / at position 9 of 10 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
2012-01-08/12:33:43.612 [http-bio-8080-exec-8] DEBUG / at position 9 of 10 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
2012-01-08/12:33:43.613 [http-bio-8080-exec-8] DEBUG / at position 10 of 10 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
2012-01-08/12:33:43.613 [http-bio-8080-exec-8] DEBUG / at position 10 of 10 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
2012-01-08/12:33:43.613 [http-bio-8080-exec-8] DEBUG Converted URL to lowercase, from: '/'; to: '/'
2012-01-08/12:33:43.613 [http-bio-8080-exec-8] DEBUG Converted URL to lowercase, from: '/'; to: '/'
2012-01-08/12:33:43.613 [http-bio-8080-exec-8] DEBUG Candidate is: '/'; pattern is /accessdenied; matched=false
2012-01-08/12:33:43.613 [http-bio-8080-exec-8] DEBUG Candidate is: '/'; pattern is /accessdenied; matched=false
2012-01-08/12:33:43.613 [http-bio-8080-exec-8] DEBUG Candidate is: '/'; pattern is /login; matched=false
2012-01-08/12:33:43.613 [http-bio-8080-exec-8] DEBUG Candidate is: '/'; pattern is /login; matched=false
2012-01-08/12:33:43.613 [http-bio-8080-exec-8] DEBUG Candidate is: '/'; pattern is /j_spring_security_check; matched=false
2012-01-08/12:33:43.613 [http-bio-8080-exec-8] DEBUG Candidate is: '/'; pattern is /j_spring_security_check; matched=false
2012-01-08/12:33:43.613 [http-bio-8080-exec-8] DEBUG Candidate is: '/'; pattern is /faces/javax.faces.resource/**; matched=false
2012-01-08/12:33:43.613 [http-bio-8080-exec-8] DEBUG Candidate is: '/'; pattern is /faces/javax.faces.resource/**; matched=false
2012-01-08/12:33:43.613 [http-bio-8080-exec-8] DEBUG Candidate is: '/'; pattern is /xmlhttp/**; matched=false
2012-01-08/12:33:43.613 [http-bio-8080-exec-8] DEBUG Candidate is: '/'; pattern is /xmlhttp/**; matched=false
2012-01-08/12:33:43.613 [http-bio-8080-exec-8] DEBUG Candidate is: '/'; pattern is /resources/**; matched=false
2012-01-08/12:33:43.613 [http-bio-8080-exec-8] DEBUG Candidate is: '/'; pattern is /resources/**; matched=false
2012-01-08/12:33:43.613 [http-bio-8080-exec-8] DEBUG Candidate is: '/'; pattern is **/faces/javax.faces.resource/**; matched=false
2012-01-08/12:33:43.613 [http-bio-8080-exec-8] DEBUG Candidate is: '/'; pattern is **/faces/javax.faces.resource/**; matched=false
2012-01-08/12:33:43.613 [http-bio-8080-exec-8] DEBUG Candidate is: '/'; pattern is **/xmlhttp/**; matched=false
2012-01-08/12:33:43.613 [http-bio-8080-exec-8] DEBUG Candidate is: '/'; pattern is **/xmlhttp/**; matched=false
2012-01-08/12:33:43.613 [http-bio-8080-exec-8] DEBUG Candidate is: '/'; pattern is **/resources/**; matched=false
2012-01-08/12:33:43.613 [http-bio-8080-exec-8] DEBUG Candidate is: '/'; pattern is **/resources/**; matched=false
2012-01-08/12:33:43.615 [http-bio-8080-exec-8] DEBUG Candidate is: '/'; pattern is /**; matched=true
2012-01-08/12:33:43.615 [http-bio-8080-exec-8] DEBUG Candidate is: '/'; pattern is /**; matched=true
2012-01-08/12:33:43.615 [http-bio-8080-exec-8] DEBUG Secure object: FilterInvocation: URL: /; Attributes: [isAuthenticated()]
2012-01-08/12:33:43.615 [http-bio-8080-exec-8] DEBUG Secure object: FilterInvocation: URL: /; Attributes: [isAuthenticated()]
2012-01-08/12:33:43.615 [http-bio-8080-exec-8] DEBUG Previously Authenticated: org.springframework.security.authentication.AnonymousAuthenticationToken@90576bf4: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@21a2c: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: 7F9F9C2E2922F5072EE36B6FBCFE8837; Granted Authorities: ROLE_ANONYMOUS
2012-01-08/12:33:43.615 [http-bio-8080-exec-8] DEBUG Previously Authenticated: org.springframework.security.authentication.AnonymousAuthenticationToken@90576bf4: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@21a2c: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: 7F9F9C2E2922F5072EE36B6FBCFE8837; Granted Authorities: ROLE_ANONYMOUS
2012-01-08/12:33:43.615 [http-bio-8080-exec-8] DEBUG Voter: org.springframework.security.web.access.expression.WebExpressionVoter@338652ff, returned: -1
2012-01-08/12:33:43.615 [http-bio-8080-exec-8] DEBUG Voter: org.springframework.security.web.access.expression.WebExpressionVoter@338652ff, returned: -1
2012-01-08/12:33:43.615 [http-bio-8080-exec-8] DEBUG Access is denied (user is anonymous); redirecting to authentication entry point
org.springframework.security.access.AccessDeniedException: Access is denied
at org.springframework.security.access.vote.AffirmativeBased.decide(AffirmativeBased.java:71)
at org.springframework.security.access.intercept.AbstractSecurityInterceptor.beforeInvocation(AbstractSecurityInterceptor.java:203)
at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:106)
at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:83)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)
at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:97)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)
at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:78)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)
at org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter.doFilter(RememberMeAuthenticationFilter.java:112)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)
at org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:54)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)
at org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:35)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)
at org.springframework.security.web.authentication.www.BasicAuthenticationFilter.doFilter(BasicAuthenticationFilter.java:177)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)
at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:187)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)
at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:105)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)
at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:79)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)
at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:169)
at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:237)
at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:167)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
at org.springframework.orm.hibernate3.support.OpenSessionInViewFilter.doFilterInternal(OpenSessionInViewFilter.java:198)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:76)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:224)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:169)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:472)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:168)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:100)
at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:929)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:405)
at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:964)
at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:515)
at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:302)
at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
at java.lang.Thread.run(Thread.java:619)
2012-01-08/12:33:43.615 [http-bio-8080-exec-8] DEBUG Access is denied (user is anonymous); redirecting to authentication entry point
org.springframework.security.access.AccessDeniedException: Access is denied
해결법
-
==============================
1.액세스가 거부 된 페이지가 컨트롤러가 필요없는 간단한 페이지 인 경우 다음과 같이 할 수 있습니다.
액세스가 거부 된 페이지가 컨트롤러가 필요없는 간단한 페이지 인 경우 다음과 같이 할 수 있습니다.
<!-- This bean resolves specific types of exceptions to corresponding logical - view names for error views. The default behavior of DispatcherServlet - is to propagate all exceptions to the servlet container: this will happen - here with all other types of exceptions. --> <bean class="org.springframework.web.servlet.handler.SimpleMappingExceptionResolver" p:defaultErrorView="uncaughtException"> <property name="exceptionMappings"> <props> <prop key=".DataAccessException">dataAccessFailure</prop> <prop key=".NoSuchRequestHandlingMethodException">resourceNotFound</prop> <prop key=".TypeMismatchException">resourceNotFound</prop> <prop key=".MissingServletRequestParameterException">resourceNotFound</prop> <prop key=".AccessDeniedException">accessDenied</prop> </props> </property> </bean> <!-- remove this if you need a controller --> <mvc:view-controller path="/accessDenied" /> <security:intercept-url pattern="/accessDenied" access="permitAll" />또 다른 방법은 AccessDeniedHander를 사용하는 것입니다. spring-security : http 태그 내에서 spring-security : access-denied-handler 태그 만 구성하면됩니다. 이 방법은 액세스 제한이 security : intercept-url로 구성되는 경우에만 작동하는 것으로 보이지만 서비스 수준 (예 : 주석에 의해)에서 수행되는 경우에는 작동하지 않습니다.
<security:http auto-config="true" ... > ... <security:access-denied-handler error-page="/myAccessDeniedPage"/> </security:http> -
==============================
2.프로그래밍 방식의 솔루션 :
프로그래밍 방식의 솔루션 :
@Order(1) @Configuration @EnableWebSecurity public class SecurityConfig extends WebSecurityConfigurerAdapter { // // ... // @Override protected void configure(HttpSecurity http) throws Exception { http.exceptionHandling().accessDeniedHandler(new AccessDeniedHandlerImpl() { @Override public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException accessDeniedException) throws IOException, ServletException { super.handle(request, response, accessDeniedException); // // Your Code Here // } @Override public void setErrorPage(String errorPage) { super.setErrorPage(errorPage); // // Your Code Here // } }); // // ... // } // // ... // } -
==============================
3.로그인 페이지 (또는 해당 페이지의 일부 요소)는 로그인 한 사용자 만 사용할 수 있습니다.
로그인 페이지 (또는 해당 페이지의 일부 요소)는 로그인 한 사용자 만 사용할 수 있습니다.
-
==============================
4.이 게시물에서 sessionManagementFilter를 사용하여 세션 시간 초과 후 리디렉션 문제를 해결할 수있었습니다.
이 게시물에서 sessionManagementFilter를 사용하여 세션 시간 초과 후 리디렉션 문제를 해결할 수있었습니다.
http://www.icesoft.org/wiki/display/ICE/Spring+Security+3.0
-
==============================
5.
DEBUG Access is denied (user is anonymous)봄 코드를 보면 스프링이 accessDeniedHandler를 익명이 아닌 사용자 만 호출하기 때문에 내 해결책은
<security:intercept-url pattern="/**" access="@storeAccessService.initForExpiredXmlHttpRequest() and _other_rules_here어디에서 내부 init 만료 된 XmlHttpRequest () 내가하고있는
HttpServletRequest request = ((ServletRequestAttributes) RequestContextHolder.currentRequestAttributes()).getRequest(); //logic to filter UsernamePasswordAuthenticationToken sessionExpiredAuthentication = new UsernamePasswordAuthenticationToken( "session-expired", "session-expired"); SecurityContextHolder.getContext().setAuthentication(sessionExpiredAuthentication);
from https://stackoverflow.com/questions/8742842/how-to-handle-accessdeniedexception-in-spring-security by cc-by-sa and MIT license
'SPRING' 카테고리의 다른 글
| [SPRING] 로그인 후 세션 ID를 재생성하는 것이 좋습니다. (0) | 2019.03.26 |
|---|---|
| [SPRING] UTF-8 인코딩으로 RestTemplate에 POST 할 수있는 방법은 무엇입니까? (0) | 2019.03.26 |
| [SPRING] 스프링 통합 또는 Apache HTTP 클라이언트 (0) | 2019.03.26 |
| [SPRING] 스프링 데이터 jpa utf-8 인코딩이 작동하지 않습니다. (0) | 2019.03.26 |
| [SPRING] Java Spring의 오버로드 컨트롤러 메소드 (0) | 2019.03.26 |