我想给收到的用户一个更改,以便在将他发送到“denypage”之前尝试至少几次。默认情况下,在Spring MVC中,如果用户具有错误的权限并尝试访问“/ admin”资源,则Spring mvc会将用户重定向到“denypage”,如 403 默认一个。我希望在将他发送到此页面之前尝试尝试一些尝试。我尝试了下一个代码:
@Scope(value = "session", proxyMode = ScopedProxyMode.TARGET_CLASS)
public class MyAccessDeniedHandler implements AccessDeniedHandler {
private static final int MAX_ATTEMPTS = 2;
private int counter = 0;
private String errorPage;
public MyAccessDeniedHandler() {}
public MyAccessDeniedHandler(String errorPage) {
this.errorPage = errorPage;
}
public String getErrorPage() {
return errorPage;
}
public void setErrorPage(String errorPage) {
this.errorPage = errorPage;
}
@Override
public void handle(HttpServletRequest request, HttpServletResponse response,
AccessDeniedException exception) throws IOException, ServletException {
counter =+ 1;
if(counter < MAX_ATTEMPTS) {
HttpSession session = request.getSession(false);
session.setAttribute("SPRING_SECURITY_LAST_EXCEPTION", exception);
response.sendRedirect("fail2login");
} else {
response.sendRedirect(errorPage);
}
}
}
但是此代码将请求重定向到“fail2login”,当我尝试另一次尝试时,我被重定向到默认URL,而不是初始化(例如“/ admin”)(( 任何命题?