42 lines
1.4 KiB
Java
42 lines
1.4 KiB
Java
package eu.dnetlib.organizations;
|
|
|
|
import java.io.IOException;
|
|
|
|
import javax.servlet.ServletException;
|
|
import javax.servlet.http.HttpServletRequest;
|
|
import javax.servlet.http.HttpServletResponse;
|
|
|
|
import org.slf4j.Logger;
|
|
import org.slf4j.LoggerFactory;
|
|
import org.springframework.security.access.AccessDeniedException;
|
|
import org.springframework.security.core.Authentication;
|
|
import org.springframework.security.core.context.SecurityContextHolder;
|
|
import org.springframework.security.web.access.AccessDeniedHandler;
|
|
import org.springframework.stereotype.Component;
|
|
|
|
import eu.dnetlib.organizations.controller.UserInfo;
|
|
|
|
@Component
|
|
public class MyAccessDeniedHandler implements AccessDeniedHandler {
|
|
|
|
private static Logger logger = LoggerFactory.getLogger(MyAccessDeniedHandler.class);
|
|
|
|
@Override
|
|
public void handle(final HttpServletRequest req, final HttpServletResponse res, final AccessDeniedException e)
|
|
throws IOException, ServletException {
|
|
|
|
final Authentication auth = SecurityContextHolder.getContext().getAuthentication();
|
|
|
|
if (auth != null) {
|
|
logger.warn(String.format("User '%s' attempted to access the protected URL: %s", auth.getName(), req.getRequestURI()));
|
|
}
|
|
|
|
if (UserInfo.isNotAuthorized(auth)) {
|
|
res.sendRedirect(req.getContextPath() + "/authorizationRequest");
|
|
} else {
|
|
res.sendRedirect(req.getContextPath() + "/alreadyRegistered");
|
|
}
|
|
}
|
|
|
|
}
|