我想覆盖 Spring-security 默认过滤器。我真正想要做的是,spring-security 检查用户是否有权访问索引页面,如果不是,则 spring-security 将页面重定向到登录。我想覆盖这个响应。有没有办法做到这一点?
编辑: Spring 安全过滤器返回 ajax 响应,所以我的页面卡住并且不会重定向到登录页面。我想要做的是覆盖这个过滤器。
我的 spring-security.xml
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.2.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.1.xsd">
<http auto-config='false' use-expressions="true">
<intercept-url pattern="/login*" access="permitAll"/>
<intercept-url pattern="/ajaxErrorPage" access="permitAll"/>
<intercept-url pattern="/pages/*" access="hasRole('admin')" />
<intercept-url pattern="/j_spring_security_check" access="permitAll"/>
<logout logout-success-url="/login.xhtml" />
<form-login login-page="/login.xhtml"
login-processing-url="/j_spring_security_check"
default-target-url="/pages/index.xhtml"
always-use-default-target="true"
authentication-failure-url="/login.xhtml"/>
</http>
<!--Authentication Manager Details -->
<authentication-manager alias="authenticationManager">
<authentication-provider user-service-ref="customUserDetailsService">
<!-- <password-encoder hash="md5"/>-->
</authentication-provider>
</authentication-manager>
</beans:beans>