Home/ Questions/Q 5969493
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-22T20:14:20+00:00

When mapping an Exception to 404 page, the Spring Security tags can’t find the

  • 0

When mapping an Exception to 404 page, the Spring Security tags can’t find the authentication information from the security context. With a “real” 404 the authentication is found.

My web.xml:

<error-page>
  <exception-type>com.example.NotFoundException</exception-type>
  <location>/app/404</location>
</error-page>

<error-page>
  <error-code>404</error-code>
  <location>/app/404</location>
</error-page>

On the JSP I have: 

<sec:authorize access="hasRole('ROLE_USER')">
  <%-- Show navigation links --%>
</sec:authorize>
<sec:authorize access="isAnonymous()">
  <%-- Show login form --%>
</sec:authorize>

The /app/404 path is mapped to a controller which just returns the view. When I browse to /foo/some_invalid_id the NotFoundException gets thrown from the controller and finally when it goes to the JSP it can’t find the authentication in SecurityContext and renders neither of the two options. Instead, when I’m browsing to /something_that_really_doesnt_exist it’s able to figure out whether I’m logged in or not and renders the proper HTML.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Add the following two dispatcher elements to your spring security filter-mapping:

    <filter-mapping>
    ...
    <dispatcher>REQUEST</dispatcher>
    <dispatcher>ERROR</dispatcher>
</filter-mapping>

    By default only ordinary requests go through a defined filter-mapping.

    “INCLUDE” and “FORWARD” are the two other valid dispatcher element values.

    • 0