public final class ExceptionHandlingConfigurer<H extends HttpSecurityBuilder<H>> extends SecurityConfigurerAdapter<org.springframework.security.web.DefaultSecurityFilterChain,B>
SecurityConfigurer.
ExceptionTranslationFilterRequestCache, is provided a RequestCache shared object is used to replay
the request after authentication is successfulAuthenticationEntryPoint - see authenticationEntryPoint(AuthenticationEntryPoint) | Constructor and Description |
|---|
ExceptionHandlingConfigurer()
Creates a new instance
|
| Modifier and Type | Method and Description |
|---|---|
ExceptionHandlingConfigurer<H> |
accessDeniedHandler(org.springframework.security.web.access.AccessDeniedHandler accessDeniedHandler)
Specifies the
AccessDeniedHandler to be used |
ExceptionHandlingConfigurer<H> |
accessDeniedPage(String accessDeniedUrl)
Shortcut to specify the
AccessDeniedHandler to be used is a specific error page |
ExceptionHandlingConfigurer<H> |
authenticationEntryPoint(org.springframework.security.web.AuthenticationEntryPoint authenticationEntryPoint)
Sets the
AuthenticationEntryPoint to be used. |
void |
configure(H http)
Configure the
SecurityBuilder by setting the necessary properties
on the SecurityBuilder. |
ExceptionHandlingConfigurer<H> |
defaultAuthenticationEntryPointFor(org.springframework.security.web.AuthenticationEntryPoint entryPoint,
org.springframework.security.web.util.matcher.RequestMatcher preferredMatcher)
Sets a default
AuthenticationEntryPoint to be used which prefers
being invoked for the provided RequestMatcher. |
B |
disable()
Disables the
AbstractHttpConfigurer by removing it. |
T |
withObjectPostProcessor(ObjectPostProcessor<?> objectPostProcessor) |
addObjectPostProcessor, and, getBuilder, init, postProcess, setBuilderpublic ExceptionHandlingConfigurer()
HttpSecurity.exceptionHandling()public ExceptionHandlingConfigurer<H> accessDeniedPage(String accessDeniedUrl)
AccessDeniedHandler to be used is a specific error pageaccessDeniedUrl - the URL to the access denied page (i.e. /errors/401)ExceptionHandlingConfigurer for further customizationAccessDeniedHandlerImpl,
#accessDeniedHandler(org.springframework.security.web.access.AccessDeniedHandler)}public ExceptionHandlingConfigurer<H> accessDeniedHandler(org.springframework.security.web.access.AccessDeniedHandler accessDeniedHandler)
AccessDeniedHandler to be usedaccessDeniedHandler - the AccessDeniedHandler to be usedExceptionHandlingConfigurer for further customizationpublic ExceptionHandlingConfigurer<H> authenticationEntryPoint(org.springframework.security.web.AuthenticationEntryPoint authenticationEntryPoint)
AuthenticationEntryPoint to be used.
If no authenticationEntryPoint(AuthenticationEntryPoint) is
specified, then
defaultAuthenticationEntryPointFor(AuthenticationEntryPoint, RequestMatcher)
will be used. The first AuthenticationEntryPoint will be used as
the default is no matches were found.
If that is not provided defaults to Http403ForbiddenEntryPoint.
authenticationEntryPoint - the AuthenticationEntryPoint to useExceptionHandlingConfigurer for further
customizationspublic ExceptionHandlingConfigurer<H> defaultAuthenticationEntryPointFor(org.springframework.security.web.AuthenticationEntryPoint entryPoint, org.springframework.security.web.util.matcher.RequestMatcher preferredMatcher)
AuthenticationEntryPoint to be used which prefers
being invoked for the provided RequestMatcher. If only a single
default AuthenticationEntryPoint is specified, it will be what is
used for the default AuthenticationEntryPoint. If multiple
default AuthenticationEntryPoint instances are configured, then a
DelegatingAuthenticationEntryPoint will be used.entryPoint - the AuthenticationEntryPoint to usepreferredMatcher - the RequestMatcher for this default
AuthenticationEntryPointExceptionHandlingConfigurer for further
customizationspublic void configure(H http) throws Exception
SecurityConfigurerSecurityBuilder by setting the necessary properties
on the SecurityBuilder.configure in interface SecurityConfigurer<org.springframework.security.web.DefaultSecurityFilterChain,H extends HttpSecurityBuilder<H>>configure in class SecurityConfigurerAdapter<org.springframework.security.web.DefaultSecurityFilterChain,H extends HttpSecurityBuilder<H>>Exceptionpublic B disable()
AbstractHttpConfigurer by removing it. After doing
so a fresh version of the configuration can be applied.HttpSecurityBuilder for additional customizationspublic T withObjectPostProcessor(ObjectPostProcessor<?> objectPostProcessor)