Spring security in JSP - click on not allowed action
If user clicks on an action in namespace which role user hasn't now nothing happens. Can I intercept this and redirect him to some exception?
Example:
<intercept-url pattern="/secure/project/**" access="ROLE_PROJECT"/>
<intercept-url pattern="/secure/statistics/**" access="ROLE_STATISTICS"/>
User has only one role - ROLE_PROJECT. And the developer (not me, of course :)) will forget to hide an action in /secure/statistics, so also this user will see it. How t开发者_如何学JAVAo handle the click on this action with some custom result?
I guess your use case and how to handle it is documented here - AccessDeniedHandler
精彩评论