Java Spring安全性:访问被拒绝处理程序不';t工作(控制器方法上的xml配置和预授权注释)
拒绝访问处理程序不工作。spring配置在许多xml文件上被拆分Java Spring安全性:访问被拒绝处理程序不';t工作(控制器方法上的xml配置和预授权注释),java,spring-security,authorization,access-denied,Java,Spring Security,Authorization,Access Denied,拒绝访问处理程序不工作。spring配置在许多xml文件上被拆分 applicationContext-spring-security.xml 提前感谢大家:)经过调查,我找到了解决问题的方法: 创建带有@ControllerAdvice注释的自定义拒绝访问处理程序类 最重要的是定义带注释组件的高优先级排序顺序(例如@order(value=1)) 谢谢 <http auto-config='false" use-expressions="true" entr
提前感谢大家:)经过调查,我找到了解决问题的方法:
<http auto-config='false" use-expressions="true" entry-point-ref="loginUrlAuthenticationEntryPoint" >
<access-denied-handler error-page='/accessdenied.htm" />
<intercept-url pattern="/login.htm" access="permitAll"/>
<intercept-url pattern='/editprocedure.htm" access="hasAuthority('CAPABILITY_ADD')"/>
</http>
...
<security:global-method-security pre-post-annotations="enabled"/>
...
....
@RequestMapping(value="/adminarea.htm")
@PreAuthorize("hasAuthority('ADMIN_AREA')")
protected ModelAndView referenceData() throws Exception
{....}
....