Home/ Questions/Q 7094099
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-28T08:31:18+00:00

I use Spring Security 3 in my jsf2 web app. When a non-authenticated user

  • 0

I use Spring Security 3 in my jsf2 web app.

When a non-authenticated user tries to access a protected resource, Spring Security redirects to the login page.

In this case, how can I show a message to the user in the login page saying he/she is not allowed to access the resource?

As Spring Security throws an AccessDeniedException in the ExceptionTranslationFilter, and then redirects to the login page, I’ve tried to use a preRenderView listener in the login page, which checks for “WebAttributes.ACCESS_DENIED_403”, but it is null.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Now I get you, actually if the user is not yet authenticated then an AuthenticationException is thrown and ExceptionTranslationFilter will launch the authenticationEntryPoint. So just add error request parameter like this.

    <bean id="exceptionTranslationFilter"
 class="org.springframework.security.web.access.ExceptionTranslationFilter">
 <property name="authenticationEntryPoint" ref="authenticationEntryPoint"/>
</bean>

<bean id="authenticationEntryPoint"
 class="org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint">
 <property name="loginFormUrl" value="/login.xhtml?error=true"/>
</bean>

and in your login.xhtml use the param like this

<h:outputText rendered="#{param['error']}" value="Please authenticate first!" />
    • 0