Within a DeadboltHandler implementation, the onAuthFailure method can use the getSubject to get the current user, and through that, the roles held by the user.

public class MyDeadboltHandler implements DeadboltHandler {
    private final DeadboltExecutionContextProvider executionContextProvider;
    private final DeadboltAnalyzer analyzer;

    @Inject
    public MyDeadboltHandler(final ExecutionContextProvider ecProvider,
                             final DeadboltAnalyzer analyzer) {
        this.executionContextProvider = ecProvider.get();
        this.analyzer =analyzer;
    }

    public CompletionStage<Result> onAuthFailure(Http.Context context,
                                                 Optional<String> content) {
        final ExecutionContext executionContext = executionContextProvider.get();
        final ExecutionContextExecutor executor = HttpExecution.fromThread(executionContext);
        return getSubject(context).thenApplyAsync(maybeSubject ->
            maybeSubject.map(subject -> analyzer.hasRole(maybeSubject, "admin") ? /*go to admin section*/
                                                                                : /*go to non-admin section*/)
                        .orElseGet(() -> /*no user present*/),
                                   executor);
    }

    // other methods
}

Anywhere there's a comment in that example, e.g. /*go to admin section*/ you need to replace it with a Result.

There are other methods available in DeadboltAnalyzer, so you can have more complex checks than just analyzer.hasRole(maybeSubject, "admin") if necessary.