How do I add an Access Denied Handler in spring-security-javaconfig
2022-09-03 00:17:41
I'm using the spring-security-javaconfig library for spring security. If I were using xml config files, I'd use something like this to define a custom Access Denied page:
<http auto-config="true">
<intercept-url pattern="/admin*" access="ROLE_ADMIN" />
<access-denied-handler ref="accessDeniedHandler"/>
</http>
Here is my security configuration class so far:
@Configuration
@EnableWebSecurity
public class SecurityConfigurator extends WebSecurityConfigurerAdapter {
@Override
protected void registerAuthentication(AuthenticationManagerBuilder auth)
throws Exception {
auth.inMemoryAuthentication().withUser("user").password("password").roles("USER");
auth.inMemoryAuthentication().withUser("admin").password("password").roles("ADMIN");
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeUrls().antMatchers( "/admin").hasRole("ADMIN");
}
}