How to use

handle

method

in

org.springframework.security.web.access.AccessDeniedHandlerImpl

  @Override
  public void handle(final HttpServletRequest request, final HttpServletResponse response,
      final AccessDeniedException accessDeniedException) throws IOException, ServletException {

    response.addHeader(RESTHeaders.ERROR_INFO, accessDeniedException.getMessage());

    super.handle(request, response, accessDeniedException);
  }
}

@Override
public void handle(final HttpServletRequest request, final HttpServletResponse response,
    final AccessDeniedException accessDeniedException) throws IOException, ServletException {
  response.addHeader(RESTHeaders.ERROR_INFO, accessDeniedException.getMessage());
  super.handle(request, response, accessDeniedException);
}

@Override
public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException accessDeniedException) throws IOException, ServletException {
  logger.warn("Access denied to IP {}: {}", SessionStorage.IP.get(), accessDeniedException.getMessage());
  attemptService.accessFailed(SessionStorage.IP.get());
  super.handle(request, response, accessDeniedException);
}

@Override
public void handle(HttpServletRequest request, HttpServletResponse response,
  AccessDeniedException accessDeniedException) throws IOException, ServletException {
  if (isRestRequest(request)) {
    RestUtils.returnStatusResponse(response, HttpServletResponse.SC_FORBIDDEN, accessDeniedException.getMessage());
  } else {
    super.handle(request, response, accessDeniedException);
  }
}

@Override
public void handle(HttpServletRequest request, HttpServletResponse response,
  AccessDeniedException accessDeniedException) throws IOException, ServletException {
  if (isRestRequest(request)) {
    RestUtils.returnStatusResponse(response, HttpServletResponse.SC_FORBIDDEN, accessDeniedException.getMessage());
  } else {
    super.handle(request, response, accessDeniedException);
  }
}

 public class MyAccessDeniedHandler implements AccessDeniedHandler {

  private AccessDeniedHandlerImpl accessDeniedHandlerImpl = new AccessDeniedHandlerImpl();

  public void handle(HttpServletRequest request, HttpServletResponse response,
      AccessDeniedException accessDeniedException) throws IOException, ServletException {

    //Some CSRF related code 

    // Then call accessDeniedHandlerImpl.handle to handle request
    accessDeniedHandlerImpl.handle(request, response, accessDeniedException);
  }

  /**
   * The error page to use. Must begin with a "/" and is interpreted relative to the current context root.
   *
   * @param errorPage the dispatcher path to display
   *
   * @throws IllegalArgumentException if the argument doesn't comply with the above limitations
   * @see AccessDeniedHandlerImpl#setErrorPage(String)
   */
  public void setErrorPage(String errorPage) {
    // You can set custom error page here 
    accessDeniedHandlerImpl.setErrorPage(errorPage);
  }
}

request.setAttribute(REQUIRED_PROVIDERS_REQUEST_ATTRIBUTE_NAME, requiredProviderIds);
providerSpecificAccessDeniedHandler.setErrorPage(connectWithProviderUrlPrefix + "/" + requiredProviderIds.iterator().next());
providerSpecificAccessDeniedHandler.handle(request, response, accessDeniedException);
   = new AccessDeniedHandlerImpl();
  defaultAccessDeniedHandler.setErrorPage(defaultAccessDeniedUrl);
  defaultAccessDeniedHandler.handle(request, response, accessDeniedException);
  super.handle(request, response, accessDeniedException);

@Override
public void handle(HttpServletRequest request, HttpServletResponse response,
  AccessDeniedException accessDeniedException) throws IOException, ServletException {
  if (isRestRequest(request)) {
    RestUtils.returnStatusResponse(response, HttpServletResponse.SC_FORBIDDEN, accessDeniedException.getMessage());
  } else {
    super.handle(request, response, accessDeniedException);
  }
}