1 package org.cateproject.controller.access; 2 3 import javax.servlet.http.HttpServletRequest; 4 import javax.servlet.http.HttpServletResponse; 5 6 7 import org.springframework.security.core.AuthenticationException; 8 import org.springframework.security.web.authentication.AbstractProcessingFilter; 9 import org.springframework.stereotype.Controller; 10 import org.springframework.web.bind.annotation.RequestMapping; 11 import org.springframework.web.servlet.ModelAndView; 12 13 @SuppressWarnings("deprecation") 14 @Controller 15 public class AccessDeniedController { 16 17 @RequestMapping("accessDenied") 18 public ModelAndView handleRequest(HttpServletRequest request, HttpServletResponse response) { 19 AuthenticationException authenticationException = (AuthenticationException) request.getSession().getAttribute(AbstractProcessingFilter.SPRING_SECURITY_LAST_EXCEPTION_KEY); 20 21 response.setStatus(HttpServletResponse.SC_UNAUTHORIZED); 22 ModelAndView modelAndView = new ModelAndView("exception/accessDenied"); 23 modelAndView.addObject("exception", authenticationException); 24 return modelAndView; 25 } 26 }