Spring Security : Customize 403 access denied page


In this post , we will see how to customize 403 access denied page.
If user do not have access to page, then it will show default 403 page which will look like as below:

Spring security 403 access denied

You can customize 403 as below page:

Spring security 403 customize page

If you want to configure custom 403 access denied page, there are two ways to do it.

  • Using access-denied-handler error-page
  • Using AccessDeniedHandler ref

Using access-denied-handler error-page

You can put entry for attribute access-denied-handler in spring-security.xml as below.

so if user does not have access to page, it will be redirected to /403 and you can handle 403 in controller class as below:

We can create 403.jsp as below:

Please refer to Spring security database authentication for spring-security.xml and other files.
Using AccessDeniedHandler ref:
You can also use AccessDeniedHandler to handle 403 access denied page.

You need to add ref in http tag in spring-security.xml.

Download source code:

click to begin
20KB .zip

Related posts

Add Comment