diff --git a/app/src/main/java/it/chalmers/gamma/security/SecurityFiltersConfig.java b/app/src/main/java/it/chalmers/gamma/security/SecurityFiltersConfig.java
index 71e79bf70..6aac19e07 100644
--- a/app/src/main/java/it/chalmers/gamma/security/SecurityFiltersConfig.java
+++ b/app/src/main/java/it/chalmers/gamma/security/SecurityFiltersConfig.java
@@ -1,5 +1,8 @@
 package it.chalmers.gamma.security;
+import static org.springframework.security.web.header.writers.ClearSiteDataHeaderWriter.Directive.CACHE;
+import static org.springframework.security.web.header.writers.ClearSiteDataHeaderWriter.Directive.COOKIES;
+
 import it.chalmers.gamma.adapter.secondary.jpa.user.TrustedUserDetailsRepository;
 import it.chalmers.gamma.adapter.secondary.jpa.user.UserJpaRepository;
 import it.chalmers.gamma.app.admin.domain.AdminRepository;
@@ -39,9 +42,6 @@
 import org.springframework.security.web.util.matcher.MediaTypeRequestMatcher;
 import org.springframework.security.web.util.matcher.RegexRequestMatcher;
-import static org.springframework.security.web.header.writers.ClearSiteDataHeaderWriter.Directive.CACHE;
-import static org.springframework.security.web.header.writers.ClearSiteDataHeaderWriter.Directive.COOKIES;
-
 @Configuration
 public class SecurityFiltersConfig {
@@ -206,6 +206,10 @@ SecurityFilterChain webSecurityFilterChain(
 .cors(Customizer.withDefaults())
 .csrf((csrf) -> csrf.csrfTokenRequestHandler(new XorCsrfTokenRequestAttributeHandler()))
 .requestCache(cacheConfig -> cacheConfig.requestCache(requestCache))
+ .exceptionHandling(
+ exceptionConfig ->
+ exceptionConfig.accessDeniedHandler(
+ (request, response, accessDeniedException) -> response.sendRedirect("/")))
 .headers(
 headers ->
 headers.contentSecurityPolicy(
diff --git a/app/src/main/resources/templates/pages/login.html b/app/src/main/resources/templates/pages/login.html
index 6ffd82969..5e845abd4 100644
--- a/app/src/main/resources/templates/pages/login.html
+++ b/app/src/main/resources/templates/pages/login.html
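Review bot: The new `accessDeniedHandler` in the `webSecurityFilterChain` hunk of SecurityFiltersConfig.java answers every `AccessDeniedException` with a redirect to `/`, so a denied request no longer returns 403 and nothing records it. In Spring Security, CSRF token failures are normally routed through this same handler (worth confirming for this chain), which would turn a rejected state-changing request into a silent 302 that scripted clients and monitoring can read as success. I would keep the 403 for that case and log the denial before redirecting, e.g. `if (accessDeniedException instanceof CsrfException) { response.sendError(HttpServletResponse.SC_FORBIDDEN); return; }` ahead of `response.sendRedirect("/")`. The method body starts and ends outside the hunk, so any matcher-specific handling elsewhere in the chain is not visible here.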
@@ -1,6 +1,6 @@ Background image -
+