Page History
...
Note |
---|
When the Blueriq RuntimeWebSecurityConfigurer is disabled in favour of a custom HTTP security configuration implementation for the Runtime the Order value of 50 is advised and can be used for it. |
6. Noaccess.html
Blueriq's http security is based on the assumption that users require themselves access through logging in. If a user's credentials fail to grant the user access, one is redirected to the login page. This redirection requires a virtual page called noaccess.html that is further configured as follows:
Code Block |
---|
.authorizeRequests()
.antMatchers(redirectHelper.getNoAccessPath()).authenticated()
.and() |
If one chooses to configure a custom security approach, for instance by passing through credentials via http headers, noaccess.html is not in reach, users are already logged in at the moment they reach Blueriq.
Overview
Content Tools