• Home
• com.hp.autonomy.frontend.configuration
• configuration-authentication
• 0.8.1
• source code
• XhrAccessDeniedHandler.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

com.hp.autonomy.frontend.configuration.authentication.XhrAccessDeniedHandler Maven / Gradle / Ivy

/*
 * Copyright 2014-2015 Hewlett-Packard Development Company, L.P.
 * Licensed under the MIT License (the "License"); you may not use this file except in compliance with the License.
 */
package com.hp.autonomy.frontend.configuration.authentication;

import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.web.access.AccessDeniedHandler;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

public class XhrAccessDeniedHandler implements AccessDeniedHandler {

    private final String loginPage;

    public XhrAccessDeniedHandler(final String loginPage) {
        this.loginPage = loginPage;
    }

    @Override
    public void handle(final HttpServletRequest request, final HttpServletResponse response, final AccessDeniedException e) throws IOException, ServletException {
        // if AJAX, add 403 to the response, otherwise redirect to the given page
        if("XMLHttpRequest".equalsIgnoreCase(request.getHeader("X-Requested-With"))) {
            response.sendError(HttpServletResponse.SC_FORBIDDEN, "Blocked by " + this.getClass().getName());
        }
        else {
            response.sendRedirect(request.getContextPath() + '/' + loginPage);
        }
    }
}