Package com.vaadin.flow.server.auth

Annotation Interface AccessDeniedErrorRouter

@Retention(RUNTIME)
@Target(TYPE)
public @interface AccessDeniedErrorRouter

Annotation for customizing route specific rerouting of access denied error in AnnotatedViewAccessChecker. Annotation is to be used together with @Route, or if present, together with access annotation listed here:

• @AnonymousAllowed
• @PermitAll
• @RolesAllowed
• @DenyAll

For example, following TestView and SubView routes would reroute user without "admin" role to CustomAccessDeniedError error page:

 @AccessDeniedErrorRouter(rerouteToError = CustomAccessDeniedException.class)
 @RolesAllowed("admin")
 @Route("test")
 public class TestView extends Div {
 }

 @AccessDeniedErrorRouter(rerouteToError = CustomAccessDeniedException.class)
 @RolesAllowed("admin")
 public class ParentView extends Div {
 }

 @Route("subview")
 public class SubView extends ParentView {
 }

 public class CustomAccessDeniedException extends RuntimeException {
 }

 @Tag(Tag.DIV)
 public class CustomAccessDeniedError
         implements HasErrorParameter<CustomAccessDeniedException> {

     @Override
     public int setErrorParameter(BeforeEnterEvent event,
             ErrorParameter<CustomAccessDeniedException> parameter) {
         getElement().setText("Access denied.");
         return HttpStatusCode.UNAUTHORIZED.getCode();
     }
 }
 

Optional Element Summary

Optional Elements

Modifier and Type	Optional Element	Description
Class<? extends RuntimeException>	rerouteToError	Reroute access denied error by the given exception.

Element Details

rerouteToError

Class<? extends RuntimeException> rerouteToError

Reroute access denied error by the given exception. Exception is AccessDeniedException by default. It can be changed to other exception like NotFoundException or any other exception mapped to HasErrorParameter error view.

Returns:

Type of the access denied exception for the access denied error view.

Default:

com.vaadin.flow.router.AccessDeniedException.class