com.hp.autonomy.frontend.configuration.authentication.XhrAccessDeniedHandler Maven / Gradle / Ivy
/*
* Copyright 2014-2015 Open Text.
*
* Licensed under the MIT License (the "License"); you may not use this file
* except in compliance with the License.
*
* The only warranties for products and services of Open Text and its affiliates
* and licensors ("Open Text") are as may be set forth in the express warranty
* statements accompanying such products and services. Nothing herein should be
* construed as constituting an additional warranty. Open Text shall not be
* liable for technical or editorial errors or omissions contained herein. The
* information contained herein is subject to change without notice.
*/
package com.hp.autonomy.frontend.configuration.authentication;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.web.access.AccessDeniedHandler;
import jakarta.servlet.ServletException;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.io.IOException;
public class XhrAccessDeniedHandler implements AccessDeniedHandler {
private final String loginPage;
public XhrAccessDeniedHandler(final String loginPage) {
this.loginPage = loginPage;
}
@Override
public void handle(final HttpServletRequest request, final HttpServletResponse response, final AccessDeniedException e) throws IOException, ServletException {
// if AJAX, add 403 to the response, otherwise redirect to the given page
if("XMLHttpRequest".equalsIgnoreCase(request.getHeader("X-Requested-With"))) {
response.sendError(HttpServletResponse.SC_FORBIDDEN, "Blocked by " + this.getClass().getName());
}
else {
response.sendRedirect(request.getContextPath() + '/' + loginPage);
}
}
}
© 2015 - 2025 Weber Informatics LLC | Privacy Policy