private void applyUnauthorizedUrlIfNecessary(Filter filter) { String unauthorizedUrl = getUnauthorizedUrl(); if (StringUtils.hasText(unauthorizedUrl) && (filter instanceof AuthorizationFilter)) { AuthorizationFilter authzFilter = (AuthorizationFilter) filter; //only apply the unauthorizedUrl if they haven't explicitly configured one already: String existingUnauthorizedUrl = authzFilter.getUnauthorizedUrl(); if (existingUnauthorizedUrl == null) { authzFilter.setUnauthorizedUrl(unauthorizedUrl); } } }
Subject subject = getSubject(request, response); saveRequestAndRedirectToLogin(request, response); } else { String unauthorizedUrl = getUnauthorizedUrl();
@Override protected boolean onAccessDenied(ServletRequest request, ServletResponse response) throws IOException { HttpServletResponse httpResponse ; try { httpResponse = WebUtils.toHttp(response); } catch (ClassCastException ex) { // Not a HTTP Servlet operation return super.onAccessDenied(request, response) ; } if ( message == null ) httpResponse.sendError(HttpSC.FORBIDDEN_403) ; else httpResponse.sendError(HttpSC.FORBIDDEN_403, message) ; return false ; // No further processing. } }
@Override protected boolean onAccessDenied(ServletRequest request, ServletResponse response) throws IOException { HttpServletResponse httpResponse ; try { httpResponse = WebUtils.toHttp(response); } catch (ClassCastException ex) { // Not a HTTP Servlet operation return super.onAccessDenied(request, response) ; } if ( message == null ) httpResponse.sendError(HttpSC.FORBIDDEN_403) ; else httpResponse.sendError(HttpSC.FORBIDDEN_403, message) ; return false ; // No further processing. } }
private void applyUnauthorizedUrlIfNecessary(Filter filter) { String unauthorizedUrl = getUnauthorizedUrl(); if (StringUtils.hasText(unauthorizedUrl) && (filter instanceof AuthorizationFilter)) { AuthorizationFilter authzFilter = (AuthorizationFilter) filter; //only apply the unauthorizedUrl if they haven't explicitly configured one already: String existingUnauthorizedUrl = authzFilter.getUnauthorizedUrl(); if (existingUnauthorizedUrl == null) { authzFilter.setUnauthorizedUrl(unauthorizedUrl); } } }
protected boolean onAccessDenied(ServletRequest request, ServletResponse response) throws IOException { if (RequestUtils.shouldUseNormalHttpRequestToProcess(request, requestProperties.isServiceOriented())) return super.onAccessDenied(request, response); Subject subject = getSubject(request, response); if (subject.getPrincipal() == null) { ResponseUtils.responseInvalidLogin(response, requestProperties.getInvalidLoginCode()); } else { ResponseUtils.responseInvalidPermission(response, requestProperties.getInvalidPermissionCode()); } return false; }
private void applyUnauthorizedUrlIfNecessary(Filter filter) { String unauthorizedUrl = GojaConfig.getProperty("shiro.unauthorizedUrl", "/"); if (StringUtils.hasText(unauthorizedUrl) && (filter instanceof AuthorizationFilter)) { AuthorizationFilter authzFilter = (AuthorizationFilter) filter; //only apply the unauthorizedUrl if they haven't explicitly configured one already: String existingUnauthorizedUrl = authzFilter.getUnauthorizedUrl(); if (existingUnauthorizedUrl == null) { authzFilter.setUnauthorizedUrl(unauthorizedUrl); } } }