Jul 20th, 2011, 12:02 PM
@ExceptionHandler and AuthenticationExceptions
I have an MVC controller with a @PreAuthorize annotation. If the authorization fail for whatever reason, I'd like to return a particular view. I was thinking of using an @ExceptionHandler(AuthenticationException.class) which returns the view name. But that doesn't work, I'm guessing because the @PreAuthorize proxy is upstream of the @ExceptionHandler proxy.
Any suggestions on how to achieve my use case without hand-coding SecurityContextHolder checks within the handler method?
Jul 20th, 2011, 12:57 PM
You could plug an AuthenticationFailureHandler into your AuthenticationFilter. We have ExceptionMappingAuthenticationFailureHandler in place and have it redirect to different URL depending on the particular Exception that was raised.
Tags for this Thread