SpringBoot + AngularJS + SpringSecurity - Handle AccessDeniedException


I am using SpringBoot and AngularJS for my web application and I don't know how to customize the default AccessDeniedException.

What's the problem?

When I try to access a URL for which I don't have the proper authorization, it just redirects me to the main page, which flickers and looks like it's trying to reload the whole page or something like that, because it doesn't look like it's just loading the ng-view.

Also, this warning appears in the Chrome console:

"Synchronous XMLHttpRequest on the main thread is deprecated because of its detrimental effects to the end user's experience. For more help, check http://xhr.spec.whatwg.org/."

What do I want?

I want to map that error to this RequestMapping

@RequestMapping("template401")
public String template401()
{
    return "401 :: templateAngular";
}

Routing classes

I'm going to show my routing classes (Angular/Spring), and after that I'll explain what I tried to do to solve my problem.

My routes look like this

app.config(function ($routeProvider, $locationProvider) {
  $routeProvider
    .when('/', {
      controller: 'HomeController',
      templateUrl: 'templateInicio'
    })
    .when('/gestionUsuarios', {
      controller: 'GestionUsuariosController',
      templateUrl: 'templateGestionUsuarios'
    });
});

And my RequestMappings like this

@RequestMapping("templateInicio")
public String templateInicio()
{
    return "inicio :: templateAngular";
}
@PreAuthorize("hasRole('ADMIN')")
@RequestMapping("templateGestionUsuarios")
public String templateGestionUsuarios()
{
    return "gestionUsuarios :: templateAngular";
}

What I tried

I have tried to add an error handler page in the SecurityConfig class

@Override
    protected void configure(HttpSecurity http) throws Exception {
        http.csrf().disable().authorizeRequests().anyRequest().permitAll().and().formLogin()
                .loginPage("/login").defaultSuccessUrl("/login/identificar").usernameParameter("id").permitAll()
                .and()
                 .logout().permitAll().and().exceptionHandling().accessDeniedPage("/template401");

    }

but it didn't work.
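
One way to serve the `template401` fragment with a fixed status for both kinds of denial, as an added example that is not part of the original question. The class name `Template401Handler` is hypothetical, and the `javax.servlet` imports assume the `WebSecurityConfigurerAdapter`-era Spring Security used above; `@PreAuthorize` is assumed to be enabled through `@EnableGlobalMethodSecurity(prePostEnabled = true)`.

```java
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.AuthenticationEntryPoint;
import org.springframework.security.web.access.AccessDeniedHandler;

// Hypothetical class (not from the question): one handler for both denial paths.
public class Template401Handler implements AccessDeniedHandler, AuthenticationEntryPoint {

    // Mapping taken from the question.
    private static final String ERROR_FRAGMENT = "/template401";

    // ExceptionTranslationFilter calls this when an authenticated user
    // lacks the authority required by @PreAuthorize.
    @Override
    public void handle(HttpServletRequest request, HttpServletResponse response,
                       AccessDeniedException denied) throws IOException, ServletException {
        render(request, response, HttpServletResponse.SC_FORBIDDEN);
    }

    // For an anonymous caller the filter calls the entry point instead of handle();
    // without an explicit entry point, formLogin() answers with a redirect to the login page.
    @Override
    public void commence(HttpServletRequest request, HttpServletResponse response,
                         AuthenticationException failure) throws IOException, ServletException {
        render(request, response, HttpServletResponse.SC_UNAUTHORIZED);
    }

    private void render(HttpServletRequest request, HttpServletResponse response, int status)
            throws IOException, ServletException {
        if (response.isCommitted()) {
            return; // too late to change the status or the body
        }
        response.setStatus(status);
        // Server-side forward: the browser receives no redirect, only the fragment.
        request.getRequestDispatcher(ERROR_FRAGMENT).forward(request, response);
    }
}
```

It is wired in `configure(HttpSecurity)` with `.exceptionHandling().accessDeniedHandler(h).authenticationEntryPoint(h)`, where `h` is a single `Template401Handler` instance. The template request then ends with 401 or 403, which the AngularJS side has to handle as a failed template load.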
