AccessDenied on accessdenied
Bonjour,
Ma config spring-Security est la suivante. Quand j'arrive sur une page a laquelle je ne devrais pas accéder je devrais être redirigé vers accessdenied.jsp. Toutefois la redirection ne se fait pas à cause d'un ... AccessDenied :roll:
Code:
1
2
3
4
5
6
7
8
| 48799 [http-8080-Processor23] DEBUG org.springframework.security.intercept.AbstractSecurityInterceptor - Previously Authenticated: org.springframework.security.providers.UsernamePasswordAuthenticationToken@45708985: Principal: com.sgcib.crs.abp.security.RTFEUser@18836400: Username: emilie.dorchies; Password: [PROTECTED]; Enabled: true; AccountNonExpired: true; credentialsNonExpired: true; AccountNonLocked: true; Granted Authorities: ROLE_BATCH, ROLE_DECISION, ROLE_PARAMETRAGE [ RTFE Attributs : sgcustomid1 : null mail : emilie.dorchies@sgcib.com telephonenumber : null l : null sn : null sgservicename : null ] ; Password: [PROTECTED]; Authenticated: true; Details: org.springframework.security.ui.WebAuthenticationDetails@fffe3f86: RemoteIpAddress: 127.0.0.1; SessionId: EB4346BC2CC22CFAA6F05D5E0A250E4A; Granted Authorities: ROLE_BATCH, ROLE_DECISION, ROLE_PARAMETRAGE
48815 [http-8080-Processor23] DEBUG org.springframework.security.ui.ExceptionTranslationFilter - Access is denied (user is not anonymous); delegating to AccessDeniedHandler
org.springframework.security.AccessDeniedException: Access is denied
at org.springframework.security.vote.AffirmativeBased.decide(AffirmativeBased.java:68)
at org.springframework.security.intercept.AbstractSecurityInterceptor.beforeInvocation(AbstractSecurityInterceptor.java:262)
at org.springframework.security.intercept.web.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:106)
at org.springframework.security.intercept.web.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:83)
at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(Fi |
Qualqu'un pourrait-il m'aider à trouver mon erreur ?
Merci d'avance,
spring-security.xml :
Code:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
| <!-- AUTHENTICATION -->
<http auto-config="false" access-denied-page="/accessDenied.jsp">
<!-- Definition of url pattern that have to be intercepted for access control according to defined ROLES -->
<intercept-url pattern="/public/**" access="IS_AUTHENTICATED_ANONYMOUSLY" />
<intercept-url pattern="/secure/**" access="ROLE_CONSULTATION" />
<intercept-url pattern="/private/**" access="ROLE_CONSULTATION" />
<intercept-url pattern="/*.do" access="ROLE_CONSULTATION" />
<intercept-url pattern="/Logout.do" access="IS_AUTHENTICATED_ANONYMOUSLY" />
<intercept-url pattern="/index.jsp" access="IS_AUTHENTICATED_ANONYMOUSLY" />
<!-- Connexion page(normally no need in auto-config) -->
<form-login login-page="/"
default-target-url="/index.jsp"
authentication-failure-url="/public/login.jsp?login_error=1" />
<anonymous/>
</http> |
