Results 1 to 4 of 4

Thread: AccessDeniedHandlerImpl forward to eddor does not work

  1. Jul 6th, 2011, 03:47 AM #1
    huakaibird
    huakaibird is offline Junior Member
    Join Date
    Jul 2011
    Posts
    4

    Default AccessDeniedHandlerImpl forward to eddor does not work

    I am trying to use spring security 2 to replace acegi 1.0.5. For some reason, can not change original configuration file. Just replace org.acegisecurity to org.springframework.security and some constants in JSP.
    the acegisecurity config file still uses the old config file
    I encounter one problem, when access denied, can not foward to the error page.
    I add some log in AccessDeniedHandlerImpl, and see the log has forwarded. But the page still show the url 404 error, I do not know why. I am using spring 3.0.5. And the security config file still the old:

    <bean id="filterChainProxy" class="org.springframework.security.util.FilterCha inProxy">
    <property name="filterInvocationDefinitionSource">
    <value>
    CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
    PATTERN_TYPE_APACHE_ANT
    /**=httpSessionContextIntegrationFilter,logoutFilte r,authenticationProcessingFilter,securityContextHo lderAwareRequestFilter,rememberMeProcessingFilter, anonymousProcessingFilter,exceptionTranslationFilt er,filterInvocationInterceptor
    </value>
    </property>
    </bean>

    <bean id="exceptionTranslationFilter" class="org.springframework.security.ui.ExceptionTr anslationFilter">
    <property name="authenticationEntryPoint">
    <bean class="org.springframework.security.ui.webapp.Auth enticationProcessingFilterEntryPoint">
    <property name="loginFormUrl" value="/acegilogin.jsp"/>
    <property name="forceHttps" value="${slim.forceHttps}"/>
    </bean>
    </property>
    <property name="accessDeniedHandler">
    <bean class="org.springframework.security.ui.AccessDenie dHandlerImpl">
    <property name="errorPage" value="/accessDenied.jsp"/>
    </bean>
    </property>
    </bean>
    Reply With Quote Reply With Quote
  2. Jul 6th, 2011, 04:17 AM #2
    huakaibird
    huakaibird is offline Junior Member
    Join Date
    Jul 2011
    Posts
    4

    Default

    If not config <property name="errorPage" value="/accessDenied.jsp"/>, can show 403 access denied page
    ((HttpServletResponse) response).sendError(HttpServletResponse.SC_FORBIDD EN, accessDeniedException.getMessage());
    this works, but why customized errorPage can not forward
    Reply With Quote Reply With Quote
  3. Jul 6th, 2011, 06:24 AM #3
    Luke Taylor
    Luke Taylor is offline Senior Member Acegi Security System TeamSpring Team
    Join Date
    Aug 2004
    Location
    Glasgow, Scotland
    Posts
    3,449

    Default

    If you are upgrading from Acegi, I would seriously recommend you use version 3 or 3.1. 2 is virtually EOL.
    Spring - by Pivotal
    twitter @tekul
    Reply With Quote Reply With Quote
  4. Jul 6th, 2011, 07:46 PM #4
    huakaibird
    huakaibird is offline Junior Member
    Join Date
    Jul 2011
    Posts
    4

    Default

    I do not want to update acegi because the old acegi configuration file is used by some other application, but need to use spring 3, but spring 3 has removed the class org.springframework.web.bind.RequestUtils which was used by acegi, so i need to update to spring-security 2, and make the least change to acegi configuration file.
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules