问题
I've set basic spring authentication. When user comes to page and enters secured URL, login form is rendered, but I want to show error 403 page (or any other page i choose).
If I understand correctly I can't use access-denied-handler because user is not authenticated at all.
How do I show any other page than login form page to non-authenticated user, when he accesses secured URL?
回答1:
When you are using form-login the default AuthenticationEntryPoint redirects to the login page.
You can override this by injecting a custom entry point using the entry-point-ref attribute.
You can use the code for Http403ForbiddenEntryPoint as a guideline (or use that directly if all you want is a response code sent to the client).
回答2:
Add the below tag in your security context file.
access-denied-page="<name of the page>"
add this in http tag like below:
<http auto-config="true" access-denied-page="/authenticationfailed.jsp">
来源:https://stackoverflow.com/questions/9564936/spring-security-show-error-403-page-instead-of-login-form-page-for-non-authenti