Answer the question
In order to leave comments, you need to log in
K
K
kr1337ol2020-12-01 21:27:46
kr1337ol, 2020-12-01 21:27:46
Is it possible to get the name of a role that is missing for a controller method?
We have such a controller
@PreAuthorize("hasRole('USER_READ')")
method = RequestMethod.GET, value = "/{id}"
public ResponseEntity<?> getById(@PathVariable String id) {
User user = userRepository.findOne(id);
if (user != null)
return ResponseEntity.ok(user);
else
return ResponseEntity.badRequest().body(new ErrorResponse("Пользователь не найден"));
}and a class that implements the AccessDeniedHandler interface
public class AccessDeniedHandlerImpl implements AccessDeniedHandler {
@Override
public void handle(HttpServletRequest request, HttpServletResponse response,
AccessDeniedException accessDeniedException) throws IOException, ServletException {
request.setAttribute(WebAttributes.ACCESS_DENIED_403, accessDeniedException);
request.getRequestURL();
response.setStatus(HttpServletResponse.SC_FORBIDDEN);
response.setContentType("application/json;charset=UTF-8");
response.getWriter().printf("{ \"error\": \"Недостаточно права\"}");
response.getWriter().flush();
}
}Is it possible to get in the AccessDeniedHandlerImpl class in this case USER_READ
Similar questions
B
Bartar2016-08-28 16:19:51
What technologies / libraries are needed for a java application server?
1Reply
I
C
M
M
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question