Is there an out-of-the-box solution for access denied logging in Spring Security? What I want is basically to show which role the user is missing when he gets the access denied exception.
If not, and I have to go down the path of having my own AccessDeniedHandler, how can I access the role configured on that controller which threw the access denied exception?
Thanks!
No, there is no concept of "missing roles" out of the box.
Access denied events are published through Spring's standard event mechanism and you can use an ApplicationListener to subscribe to these, but there is no assumption that an access decision is purely based on roles in Spring Security. To achieve that, you would need to customize the AccessDecisionManager implementation to log information on how it arrived at a particular decision. The AccessDeniedHandler isn't really relevant in this case.
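
The listener approach from the answer above, as an added example that is not part of the original post: it subscribes to AuthorizationFailureEvent and logs the configured attributes next to the authorities the user holds. It assumes the AccessDecisionManager-based interceptors, which publish this event; the class name AccessDeniedAuditListener and the "notHeld" comparison are illustrative, and that comparison is only meaningful when the attributes are plain role names.

```java
import java.util.Collection;
import java.util.Set;
import java.util.stream.Collectors;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.context.ApplicationListener;
import org.springframework.security.access.ConfigAttribute;
import org.springframework.security.access.event.AuthorizationFailureEvent;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.stereotype.Component;

// Hypothetical listener name; registered as a bean so Spring delivers the events to it.
@Component
public class AccessDeniedAuditListener implements ApplicationListener<AuthorizationFailureEvent> {

    private static final Logger log = LoggerFactory.getLogger(AccessDeniedAuditListener.class);

    @Override
    public void onApplicationEvent(AuthorizationFailureEvent event) {
        Authentication auth = event.getAuthentication();
        Set<String> held = auth.getAuthorities().stream()
                .map(GrantedAuthority::getAuthority)
                .collect(Collectors.toSet());

        // Attributes configured on the secured object (URL pattern or method).
        Collection<ConfigAttribute> configured = event.getConfigAttributes();

        // getAttribute() is null for attributes that are not plain strings
        // (for example expression-based ones), so those are skipped here.
        Set<String> notHeld = configured.stream()
                .map(ConfigAttribute::getAttribute)
                .filter(a -> a != null && !held.contains(a))
                .collect(Collectors.toSet());

        log.warn("Access denied: user={} secured={} configured={} held={} notHeld={} reason={}",
                clean(auth.getName()), event.getSource(), configured, held, notHeld,
                event.getAccessDeniedException().getMessage());
    }

    // Strip line breaks so a crafted username cannot forge extra log lines.
    private static String clean(String s) {
        return s == null ? "" : s.replaceAll("[\\r\\n]", "_");
    }
}
```

Because the decision may come from voters that do not look at roles at all, treat "notHeld" as a hint for the log reader rather than the reason for the denial.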