How to redirect to a custom page on @PreAuthorize error?

Question

I want to redirect to a custom html page on an @PreAuthorize authentication error?

I have used @PreAuthorize("hasRole("Admin")) for a controller. So if the user doesn't have the Admin role he will be kicked out and I am seeing authentication error.

But I want to override this authentication failure error and redirect the user to standard error page I developed.

Is there a solution for it ?

Code:

@PreAuthorize("hasRole("Admin")){
public List<Object> getBooksList(String id){
    return bookList;
}

score 0 · Answer 1 · answered Jun 29 '19 at 11:37

First thing to notice is that the @PreAuthorize annotation is linked to an AuthenticationManager which can be set with the GlobalMethodSecurityConfiguration.

You can catch authentication exception with a @ControllerAdvice annotated class but you have to register a new AuthenticationEntryPoint.

Here is how : Handle spring security authentication exceptions with @ExceptionHandler

How to redirect to a custom page on @PreAuthorize error?

1 Answers1