public final class ExceptionHandlingConfigurer<H extends HttpSecurityBuilder<H>> extends SecurityConfigurerAdapter<org.springframework.security.web.DefaultSecurityFilterChain,B>
SecurityConfigurer.
ExceptionTranslationFilterRequestCache, is provided a RequestCache shared
object is used to replay the request after authentication is successfulAuthenticationEntryPoint - see
authenticationEntryPoint(AuthenticationEntryPoint)| Constructor and Description |
|---|
ExceptionHandlingConfigurer()
Creates a new instance
|
| Modifier and Type | Method and Description |
|---|---|
ExceptionHandlingConfigurer<H> |
accessDeniedHandler(org.springframework.security.web.access.AccessDeniedHandler accessDeniedHandler)
Specifies the
AccessDeniedHandler to be used |
ExceptionHandlingConfigurer<H> |
accessDeniedPage(String accessDeniedUrl)
Shortcut to specify the
AccessDeniedHandler to be used is a specific error
page |
ExceptionHandlingConfigurer<H> |
authenticationEntryPoint(org.springframework.security.web.AuthenticationEntryPoint authenticationEntryPoint)
Sets the
AuthenticationEntryPoint to be used. |
void |
configure(H http)
Configure the
SecurityBuilder by setting the necessary properties on the
SecurityBuilder. |
ExceptionHandlingConfigurer<H> |
defaultAuthenticationEntryPointFor(org.springframework.security.web.AuthenticationEntryPoint entryPoint,
org.springframework.security.web.util.matcher.RequestMatcher preferredMatcher)
Sets a default
AuthenticationEntryPoint to be used which prefers being
invoked for the provided RequestMatcher. |
B |
disable()
Disables the
AbstractHttpConfigurer by removing it. |
T |
withObjectPostProcessor(ObjectPostProcessor<?> objectPostProcessor) |
addObjectPostProcessor, and, getBuilder, init, postProcess, setBuilderpublic ExceptionHandlingConfigurer()
HttpSecurity.exceptionHandling()public ExceptionHandlingConfigurer<H> accessDeniedPage(String accessDeniedUrl)
AccessDeniedHandler to be used is a specific error
pageaccessDeniedUrl - the URL to the access denied page (i.e. /errors/401)ExceptionHandlingConfigurer for further customizationAccessDeniedHandlerImpl,
accessDeniedHandler(org.springframework.security.web.access.AccessDeniedHandler)public ExceptionHandlingConfigurer<H> accessDeniedHandler(org.springframework.security.web.access.AccessDeniedHandler accessDeniedHandler)
AccessDeniedHandler to be usedaccessDeniedHandler - the AccessDeniedHandler to be usedExceptionHandlingConfigurer for further customizationpublic ExceptionHandlingConfigurer<H> authenticationEntryPoint(org.springframework.security.web.AuthenticationEntryPoint authenticationEntryPoint)
AuthenticationEntryPoint to be used.
If no authenticationEntryPoint(AuthenticationEntryPoint) is specified,
then
defaultAuthenticationEntryPointFor(AuthenticationEntryPoint, RequestMatcher)
will be used. The first AuthenticationEntryPoint will be used as the
default is no matches were found.
If that is not provided defaults to Http403ForbiddenEntryPoint.
authenticationEntryPoint - the AuthenticationEntryPoint to useExceptionHandlingConfigurer for further customizationspublic ExceptionHandlingConfigurer<H> defaultAuthenticationEntryPointFor(org.springframework.security.web.AuthenticationEntryPoint entryPoint, org.springframework.security.web.util.matcher.RequestMatcher preferredMatcher)
AuthenticationEntryPoint to be used which prefers being
invoked for the provided RequestMatcher. If only a single default
AuthenticationEntryPoint is specified, it will be what is used for the
default AuthenticationEntryPoint. If multiple default
AuthenticationEntryPoint instances are configured, then a
DelegatingAuthenticationEntryPoint will be used.entryPoint - the AuthenticationEntryPoint to usepreferredMatcher - the RequestMatcher for this default
AuthenticationEntryPointExceptionHandlingConfigurer for further customizationspublic void configure(H http) throws Exception
SecurityConfigurerSecurityBuilder by setting the necessary properties on the
SecurityBuilder.configure in interface SecurityConfigurer<org.springframework.security.web.DefaultSecurityFilterChain,H extends HttpSecurityBuilder<H>>configure in class SecurityConfigurerAdapter<org.springframework.security.web.DefaultSecurityFilterChain,H extends HttpSecurityBuilder<H>>Exceptionpublic B disable()
AbstractHttpConfigurer by removing it. After doing so a fresh
version of the configuration can be applied.HttpSecurityBuilder for additional customizationspublic T withObjectPostProcessor(ObjectPostProcessor<?> objectPostProcessor)