2
Good afternoon, I am trying to direct a system user to an error page in case something goes wrong with the session or if the user is denied access to a particular page etc...
I’m using Spring Security for this.
in my applicationContext.xml class
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.1.xsd">
<beans:bean id="appUserDetailsService" class="security.AppUserDetailsService" />
<beans:bean id="exceptionTranslationFilter" class="org.springframework.security.web.access.ExceptionTranslationFilter">
<beans:property name="accessDeniedHandler" ref="jsfAccessDeniedHandler"/>
<beans:property name="authenticationEntryPoint" ref="authenticationEntryPoint"/>
</beans:bean>
<beans:bean id="jsfAccessDeniedHandler" class="security.JsfAccessDeniedHandler">
<beans:property name="loginPath" value="/AcessoNegado.xhtml" />
<beans:property name="contextRelative" value="true" />
</beans:bean>
<beans:bean id="authenticationEntryPoint" class="security.JsfLoginUrlAuthenticationEntryPoint">
<beans:property name="loginFormUrl" value="/Login.xhtml"/>
<beans:property name="redirectStrategy" ref="jsfRedirectStrategy" />
</beans:bean>
<beans:bean id="jsfRedirectStrategy" class="security.JsfRedirectStrategy"/>
<http pattern="/Login.xhtml" security="none"/>
<http pattern="/Erro.xhtml" security="none"/>
<http pattern="/javax.faces.resource/**" security="none" />
<http auto-config="false" use-expressions="true">
<custom-filter ref="exceptionTranslationFilter" before="FILTER_SECURITY_INTERCEPTOR"/>
<intercept-url pattern="/Home.xhtml" access="isAuthenticated()" />
<intercept-url pattern="/marca/**" access="hasAnyRole('ADMINISTRADORES')" />
<intercept-url pattern="/agenda/**" access="hasAnyRole('ADMINISTRADORES')" />
<intercept-url pattern="/cliente/**" access="hasAnyRole('PADRAO','ADMINISTRADORES')" />
<intercept-url pattern="/usuario/**" access="hasAnyRole('ADMINISTRADORES')" />
<intercept-url pattern="/**" access="denyAll" />
<form-login login-page="/Login.xhtml" authentication-failure-url="/Login.xhtml?invalid=true" default-target-url="/" always-use-default-target="true"/>
<logout logout-url="/j_spring_security_logout" invalidate-session="true" />
</http>
<authentication-manager>
<authentication-provider user-service-ref="appUserDetailsService">
<!-- <password-encoder hash="md5"/> -->
</authentication-provider>
</authentication-manager>
And I used as a model these 3 classes presented in the course of algaworks.
Apparently the user is yes directed to the error page I created as shown in the url, but this page does not open.
Note: this is the first time I use Spring, some idea of how to solve?
att;
Edd: Checking the Chrome island I realized the following situations. when I should be directed to the error page /Accessonegado.xhtml there are several requests and between one of them there is a fault: