• Home
• cn.wic4j.security
• wic4j-security-resource-server
• 2023.0.0.2-alpha.3
• source code
• ResourceServerAccessDeniedHandler.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

cn.wic4j.security.resource.handler.ResourceServerAccessDeniedHandler Maven / Gradle / Ivy

/*
 * Licensed to the Apache Software Foundation (ASF) under one or more
 * contributor license agreements. See the NOTICE file distributed with
 * this work for additional information regarding copyright ownership.
 * The ASF licenses this file to You under the Apache license, Version 2.0
 * (the "License"); you may not use this file except in compliance with
 * the License. You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the license for the specific language governing permissions and
 * limitations under the license.
 */
package cn.wic4j.security.resource.handler;

import cn.wi4j.security.core.utils.ResponseUtils;
import cn.wic4j.common.code.CommonCode;
import cn.wic4j.common.context.UserContent;
import jakarta.servlet.ServletException;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import lombok.extern.slf4j.Slf4j;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.web.access.AccessDeniedHandler;

import java.io.IOException;

/**
 * 权限未授权

 *
 * @author Max
 * @version 2023.0.0.0
 * @since 2023/7/11 21:03
 */
@Slf4j
@ConditionalOnMissingBean(name = "resourceServerAccessDeniedHandler")
public class ResourceServerAccessDeniedHandler implements AccessDeniedHandler {
    /**
     * Handles an access denied failure.
     *
     * @param request               that resulted in an AccessDeniedException
     * @param response              so that the user agent can be advised of the failure
     * @param accessDeniedException that caused the invocation
     * @throws IOException      in the event of an IOException
     * @throws ServletException in the event of a ServletException
     */
    @Override
    public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException accessDeniedException) throws IOException, ServletException {
        String currentUsername = UserContent.getCurrentUsername();
        log.error("请求未授权接口:{},用户：{}", request.getRequestURI(), currentUsername);
        ResponseUtils.responseUtf8(response, CommonCode.FORBIDDEN);
    }
}