View Javadoc
1   /*
2    * Copyright 2018-2022 Medical Information Systems Research Group (https://medical.zcu.cz),
3    * Department of Computer Science and Engineering, University of West Bohemia.
4    * Address: Univerzitni 8, 306 14 Plzen, Czech Republic.
5    *
6    * Author Petr Vcelak (vcelak@kiv.zcu.cz).
7    *
8    * This file is part of MRECore project.
9    *
10   * MRECore is free software: you can redistribute it and/or modify
11   * it under the terms of the GNU General Public License as published by
12   * the Free Software Foundation, either version 3 of the License.
13   *
14   * MRECore is distributed in the hope that it will be useful,
15   * but WITHOUT ANY WARRANTY; without even the implied warranty of
16   * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17   * GNU General Public License for more details.
18   *
19   * You should have received a copy of the GNU General Public License
20   * along with MRECore. If not, see <http://www.gnu.org/licenses/>.
21   */
22  package cz.zcu.mre.security;
23  
24  import java.io.IOException;
25  import jakarta.servlet.ServletException;
26  import jakarta.servlet.http.HttpServletRequest;
27  import jakarta.servlet.http.HttpServletResponse;
28  import org.slf4j.Logger;
29  import org.slf4j.LoggerFactory;
30  import org.springframework.security.access.AccessDeniedException;
31  import org.springframework.security.web.access.AccessDeniedHandlerImpl;
32  
33  /**
34   * Access Denied Handler.
35   *
36   * @author Petr Vcelak (vcelak@kiv.zcu.cz)
37   */
38  public class AccessDeniedHandler extends AccessDeniedHandlerImpl {
39  
40      private static final Logger LOG = LoggerFactory.getLogger(AccessDeniedHandler.class);
41      private static final String LOG_TEMPLATE = "AccessDeniedHandler: User attempted to access a resource for which do not have permission. User {} attempted to access {}";
42  
43      @Override
44      public void handle(HttpServletRequest _request, HttpServletResponse _response, AccessDeniedException _exception) throws IOException, ServletException {
45          setErrorPage("/securityAccessDenied");
46  
47          LOG.error(LOG_TEMPLATE, _request.getRemoteUser(), _request.getRequestURL());
48  
49          super.handle(_request, _response, _exception);
50      }
51  }