Mapping an exception to 404 page while using Spring Security taglibs

后端 未结 2 1267
情深已故
情深已故 2021-02-15 01:42

When mapping an Exception to 404 page, the Spring Security tags can\'t find the authentication information from the security context. With a \"real\" 404 the authentication is f

2条回答
  •  执念已碎
    2021-02-15 02:23

    The most probable case is that some component in your code is calling HttpSession.invalidate() while exception handling. You can easily find this out by a simple debugging.

    But actually it is not necessary to check for isAnonymous() - it is enough to check for user not having ROLE_USER authority:

    • In Spring Security 2: you can use areNotGranted attribute of tag (see Spring Security 2 documentation
    • In Spring Security 3: you can use Spring EL for evaluation of negative condition: access="!hasRole('ROLE_USER')"

提交回复
热议问题