SecurityProblemSupport.java example

Explorer

problem-spring-web-master
- src
  - main
    - java
      - org
        zalando
        problem
        spring
        web
        advice
        AdviceTrait.java
        HttpStatusAdapter.java
        Lists.java
        MediaTypes.java
        ProblemHandling.java
        SpringAdviceTrait.java
        custom
        CustomAdviceTrait.java
        package-info.java
        general
        GeneralAdviceTrait.java
        ProblemAdviceTrait.java
        ThrowableAdviceTrait.java
        UnsupportedOperationAdviceTrait.java
        package-info.java
        http
        HttpAdviceTrait.java
        MethodNotAllowedAdviceTrait.java
        NotAcceptableAdviceTrait.java
        UnsupportedMediaTypeAdviceTrait.java
        package-info.java
        io
        IOAdviceTrait.java
        MessageNotReadableAdviceTrait.java
        MultipartAdviceTrait.java
        TypeMistmatchAdviceTrait.java
        package-info.java
        package-info.java
        routing
        MissingServletRequestParameterAdviceTrait.java
        MissingServletRequestPartAdviceTrait.java
        NoHandlerFoundAdviceTrait.java
        RoutingAdviceTrait.java
        ServletRequestBindingAdviceTrait.java
        package-info.java
        security
        AccessDeniedAdviceTrait.java
        AuthenticationAdviceTrait.java
        SecurityAdviceTrait.java
        SecurityProblemSupport.java
        validation
        BaseBindingResultAdviceTrait.java
        BaseValidationAdviceTrait.java
        BindAdviceTrait.java
        ConstraintViolationAdviceTrait.java
        ConstraintViolationProblem.java
        MethodArgumentNotValidAdviceTrait.java
        ValidationAdviceTrait.java
        Violation.java
        package-info.java
        validation
        ConstraintViolationProblemMixin.java
        ConstraintViolationProblemModule.java
        ViolationMixIn.java
  - test
    - java
      - org
        zalando
        problem
        spring
        web
        advice
        AdviceTraitLoggingTest.java
        AdviceTraitTest.java
        AdviceTraitTesting.java
        ContentNegotiationTest.java
        EnforceCoverageTest.java
        ExceptionHandling.java
        FallbackTest.java
        HttpStatusAdapterTest.java
        ListsTest.java
        MediaTypesTest.java
        SpringAdviceTraitTest.java
        example
        ExampleRestController.java
        ExpectedProblem.java
        User.java
        package-info.java
        general
        NestedThrowableAdviceTraitTest.java
        ProblemAdviceTraitTest.java
        ThrowableAdviceTraitTest.java
        UnsupportedOperationAdviceTraitTest.java
        http
        MethodNotAllowedAdviceTraitTest.java
        NotAcceptableAdviceTraitTest.java
        UnsupportedMediaTypeAdviceTraitTest.java
        io
        MessageNotReadableAdviceTraitTest.java
        MultipartAdviceTraitTest.java
        TypeMistmatchAdviceTraitTest.java
        routing
        MissingServletRequestParameterAdviceTraitTest.java
        MissingServletRequestPartAdviceTraitTest.java
        NoHandlerFoundAdviceTraitTest.java
        ServletRequestBindingAdviceTraitTest.java
        security
        SecurityAdviceTraitTest.java
        validation
        BaseValidationAdviceTraitTest.java
        BindAdviceTraitTest.java
        ConstraintViolationAdviceTraitTest.java
        ConstraintViolationProblemModuleTest.java
        ConstraintViolationProblemTest.java
        MethodArgumentNotValidAdviceTraitTest.java

package org.zalando.problem.spring.web.advice.security;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.AuthenticationEntryPoint;
import org.springframework.security.web.access.AccessDeniedHandler;
import org.springframework.stereotype.Component;
import org.springframework.web.servlet.HandlerExceptionResolver;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurationSupport;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;


/**
 * A compound {@link AuthenticationEntryPoint} and {@link AccessDeniedHandler} that delegates exceptions to
 * Spring WebMVC's {@link HandlerExceptionResolver} as defined in {@link WebMvcConfigurationSupport}.
 *
 * Compatible with spring-webmvc 4.3.3.
 *
 * @see WebMvcConfigurationSupport#handlerExceptionResolver()
 */
@Component
public class SecurityProblemSupport implements AuthenticationEntryPoint, AccessDeniedHandler {

    private final HandlerExceptionResolver resolver;

    @Autowired
    public SecurityProblemSupport(
            @Qualifier("handlerExceptionResolver") final HandlerExceptionResolver resolver) {
        this.resolver = resolver;
    }

    @Override
    public void commence(final HttpServletRequest request, final HttpServletResponse response,
            final AuthenticationException exception) throws IOException, ServletException {
        resolver.resolveException(request, response, null, exception);
    }

    @Override
    public void handle(final HttpServletRequest request, final HttpServletResponse response,
            final AccessDeniedException exception) throws IOException, ServletException {
        resolver.resolveException(request, response, null, exception);
    }

}