I want to know how to redirect the access denied page in spring security? Shall I use some kind of handler or edit in web.xml?
thanks
Have you read the relevant sections of the Spring Security manual, namely the AccessDeniedHandler and the namespace appendix.
If you want more control, you can use
<http use-expressions="true">
<intercept-url pattern="/denied/*" access="permitAll" />
<access-denied-handler error-page="/denied">
<!-- The rest of your configuration -->
</http>
Where /denied
maps to a web controller class which you write. Make sure /denied/**
is unprotected.
If this doesn't answer your question, could you please explain in some more detail what you're trying to achieve?