Aug 29th, 2008, 03:37 AM
Access Denied page within Tiles
I am new to spring, tiles and Spring Security so thank you to be tolerant towards my questions.
I am planning to building up a simple application using TILES.
Now comes the nightmare.
I want the FOOTER tile to contain a form-based login. When the user is NOT authenticated showing the login form and when successfully authenticated showing some other links.
Whenever the BODY contains some information that requires authentication the BODY should show the ACCESS DENIED page, while the FOOTER still offering the login form.
Is there a way to configure Spring Security in a way like this?
<intercept-url pattern="/test.jsp" access="IS_AUTHENTICATED_ANONYMOUSLY" />
<intercept-url pattern="/**" access="ROLE_USER" />
<form-login login-page="/test.jsp" />
TEST.JSP contains the tiles, so FOOTER is accessible and ready for my requirements but this configuration unlocks the BODY as well, even if it requires ROLE_USER authentication.
And how can I force the ACCESS DENIED page to show on the BODY tile instead of showing a new page?
Thanks in advance for any suggestions!
Jan 13th, 2009, 07:09 AM
i'm having the same problem. Did you manage to display a custom access denied page?