fr.smallcrew.security.web.AccessDeniedController Maven / Gradle / Ivy
Foundation of all smallcrew's projects needing authenticated users and role management
package fr.smallcrew.security.web;
import fr.smallcrew.rest.exception.ResourceExceptionHandler;
import fr.smallcrew.security.exception.InvalidSessionException;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.web.authentication.rememberme.CookieTheftException;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import javax.annotation.PostConstruct;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
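/**
 * Landing endpoint for denied requests, mapped at {@code /accessDenied}.
 *
 * <p>Every handler method only throws: either the {@link AccessDeniedException} found in the
 * request attribute {@link #EXCEPTION}, or a new {@link InvalidSessionException} when no such
 * exception is recorded. At start-up the controller registers the exception-to-status pairs
 * below with the injected {@link ResourceExceptionHandler}:
 *
 * <ul>
 *   <li>{@link AccessDeniedException} and {@link InvalidSessionException}:
 *       {@link HttpStatus#FORBIDDEN}</li>
 *   <li>{@link CookieTheftException}: {@link HttpStatus#CONFLICT}</li>
 * </ul>
 *
 * <p>NOTE(review): GET, POST, DELETE, PUT, HEAD, OPTIONS and TRACE are mapped, but PATCH is not.
 * A PATCH request that reaches this path is therefore not routed to {@code throwException}.
 * Confirm whether the access-denied forward can carry PATCH and, if so, add a mapping.
 */
@Controller
@RequestMapping("/accessDenied")
public class AccessDeniedController {

    /**
     * Request attribute under which the denial is expected. The value matches the key Spring
     * Security uses for the access-denied exception it records before forwarding to an error
     * page (presumably that is what fills it here; verify against the security configuration).
     */
    public static final String EXCEPTION = "SPRING_SECURITY_403_EXCEPTION";

    /** Message of the {@link InvalidSessionException} raised when no denial is recorded. */
    public static final String EXCEPTION_MESSAGE = "User is not logged";

    @Autowired
    private ResourceExceptionHandler exceptionHandler;

    /**
     * Registers the security exceptions and their HTTP statuses with the exception handler, then
     * calls {@code initialize()} on it.
     */
    @PostConstruct
    public void postConstruct() {
        exceptionHandler.addDefinition(AccessDeniedException.class, HttpStatus.FORBIDDEN);
        exceptionHandler.addDefinition(InvalidSessionException.class, HttpStatus.FORBIDDEN);
        // A detected remember-me cookie theft is reported as 409 rather than 403.
        exceptionHandler.addDefinition(CookieTheftException.class, HttpStatus.CONFLICT);
        exceptionHandler.initialize();
    }

    /**
     * Rethrows the recorded access-denied exception, or raises {@link InvalidSessionException}
     * when none is recorded.
     *
     * <p>The attribute is type-checked before the cast. An attribute of any other type is
     * treated like a missing one, so the denial path always ends in one of the two exceptions
     * registered as 403 in {@link #postConstruct()} and never in an unregistered
     * {@link ClassCastException}.
     *
     * @param request the current request, read for the {@link #EXCEPTION} attribute
     * @throws AccessDeniedException when one is stored under {@link #EXCEPTION}
     * @throws InvalidSessionException otherwise
     */
    private void throwException(HttpServletRequest request) {
        Object recorded = request.getAttribute(EXCEPTION);
        if (recorded instanceof AccessDeniedException) {
            throw (AccessDeniedException) recorded;
        }
        throw new InvalidSessionException(EXCEPTION_MESSAGE);
    }

    /** Handles GET; always throws, see {@code throwException}. */
    @RequestMapping(method = RequestMethod.GET)
    public void get(HttpServletRequest request) {
        throwException(request);
    }

    /** Handles POST; always throws, see {@code throwException}. */
    @RequestMapping(method = RequestMethod.POST)
    public void post(HttpServletRequest request) {
        throwException(request);
    }

    /** Handles DELETE; always throws, see {@code throwException}. */
    @RequestMapping(method = RequestMethod.DELETE)
    public void delete(HttpServletRequest request) {
        throwException(request);
    }

    /** Handles PUT; always throws, see {@code throwException}. */
    @RequestMapping(method = RequestMethod.PUT)
    public void put(HttpServletRequest request) {
        throwException(request);
    }

    /** Handles HEAD; always throws, see {@code throwException}. */
    @RequestMapping(method = RequestMethod.HEAD)
    public void head(HttpServletRequest request) {
        throwException(request);
    }

    /** Handles OPTIONS; always throws, see {@code throwException}. */
    @RequestMapping(method = RequestMethod.OPTIONS)
    public void options(HttpServletRequest request) {
        throwException(request);
    }

    /** Handles TRACE; always throws, see {@code throwException}. */
    @RequestMapping(method = RequestMethod.TRACE)
    public void trace(HttpServletRequest request) {
        throwException(request);
    }
}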