• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Liutauras Vilda
  • Bear Bibeault
  • Tim Cooke
  • Junilu Lacar
Sheriffs:
  • Paul Clapham
  • Devaka Cooray
  • Knute Snortum
Saloon Keepers:
  • Ron McLeod
  • Tim Moores
  • Stephan van Hulst
  • Tim Holloway
  • Frits Walraven
Bartenders:
  • Carey Brown
  • salvin francis
  • Claude Moore

accessDeniedPage redirect rather than just display the appropriate page  RSS feed

 
Greenhorn
Posts: 12
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I have 2 user roles - user and admin , if I go to a url where any authentication is needed and I am not authenticated - I get redirected to the login page, which is fine.

However, if I am logged in as user, and I try to access an admin only page, I get the home page displayed, but the url stays the same. I want to actually redirect to the home page rather than just display it.



So is there any way to make the accessDeniedPage method redirect, because as I said the home page is displayed but the url does not change.
 
Saloon Keeper
Posts: 20655
122
Android Eclipse IDE Java Linux Redhat Tomcat Server
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I'm not sure what your question means.

If you are authenticated (logged in), and you attempt to invoke a URL that you are not authorized to access (that is, you don't have any of the roles associated with that URL pattern in web.xml), then you should get an "HTTP 403 - Forbidden" response page back.

You can create your own custom 403 page and define it in web.xml. Please note, however, that since it is the web application server that's displaying that page and not the application itself, the standard request routing may not be followed. Or, in other words, make things like "403" pages be plain HTML or JSP. Frameworks that go through a dispatching servlet such as JSF or Struts might not work properly.

If, as I fear you are saying, you actually want to simply bounce an offending user straight back to the home page without any sort of error message, I don't recommend that. It's confusing.
 
The moth suit and wings road is much more exciting than taxes. Or this tiny ad:
Create Edit Print & Convert PDF Using Free API with Java
https://coderanch.com/wiki/703735/Create-Convert-PDF-Free-Spire
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!