Как обрабатывать AccessDeniedException в Spring Security?

я использую spring security 3 , и я хочу, чтобы всякий раз, когда возникает AccessDeniedException , пользователь перенаправляется на определенную страницу:

org.springframework.security.access.AccessDeniedException: Access is denied
    at org.springframework.security.access.vote.AffirmativeBased.decide(AffirmativeBased.java:71)
    at org.springframework.security.access.intercept.AbstractSecurityInterceptor.beforeInvocation(AbstractSecurityInterceptor.java:203)
    at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:106)
    at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:83)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)
    at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:97)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)
    at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:78)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)
    at org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter.doFilter(RememberMeAuthenticationFilter.java:112)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)
    at org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:54)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)
    at org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:35)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)
    at org.springframework.security.web.authentication.www.BasicAuthenticationFilter.doFilter(BasicAuthenticationFilter.java:177)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)
    at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:187)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)
    at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:105)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)
    at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:79)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)
    at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:169)
    at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:237)
    at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:167)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
    at org.springframework.orm.hibernate3.support.OpenSessionInViewFilter.doFilterInternal(OpenSessionInViewFilter.java:198)
    at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:76)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:224)
    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:169)
    at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:472)
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:168)
    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:100)
    at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:929)
    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118)
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:405)
    at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:964)
    at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:515)
    at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:302)
    at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
    at java.lang.Thread.run(Thread.java:619)

, поэтому я попытался использовать обработчик отказа в доступе и вот обработчик:

@Service("accessDeniedHandler")
public class AccessDeniedHandler extends AccessDeniedHandlerImpl {

    Log log = LogFactory.getLog(getClass());

    @Override
    public void handle(HttpServletRequest request,
            HttpServletResponse response, AccessDeniedException exception)
            throws IOException, ServletException {
        log.info("############### Access Denied Handler!");
        setErrorPage("/accessDenied");
        super.handle(request, response, exception);
    }

}

• applicationSecurity.xml :

    
  
  
  
  
  
   <запомни меня токен-валидность-секунды = "1209600" />
  
   
  
   
   
  
   
   
   
  
   
   
   
  
  
   
  
  
  
  
  
  
  ->
  
  
  
  
  

, но проблема : заключается в том, что когда генерируется исключение, оно не попадает в класс accessDeniedHandler, пожалуйста, сообщите.

ОБНОВЛЕНИЕ : я попробовал решение bean-компонента исключений, но по-прежнему получаю такое же поведение, генерируется исключение, но перенаправления на страницу accessDenied не происходит.

Журналы :

2012-01-08/12:33:43.610 [http-bio-8080-exec-8] DEBUG Converted URL to lowercase, from: '/'; to: '/'
2012-01-08/12:33:43.610 [http-bio-8080-exec-8] DEBUG Converted URL to lowercase, from: '/'; to: '/'
2012-01-08/12:33:43.610 [http-bio-8080-exec-8] DEBUG Candidate is: '/'; pattern is /**; matched=true
2012-01-08/12:33:43.610 [http-bio-8080-exec-8] DEBUG Candidate is: '/'; pattern is /**; matched=true
2012-01-08/12:33:43.610 [http-bio-8080-exec-8] DEBUG / at position 1 of 10 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
2012-01-08/12:33:43.610 [http-bio-8080-exec-8] DEBUG / at position 1 of 10 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
2012-01-08/12:33:43.611 [http-bio-8080-exec-8] DEBUG HttpSession returned null object for SPRING_SECURITY_CONTEXT
2012-01-08/12:33:43.611 [http-bio-8080-exec-8] DEBUG HttpSession returned null object for SPRING_SECURITY_CONTEXT
2012-01-08/12:33:43.611 [http-bio-8080-exec-8] DEBUG No SecurityContext was available from the HttpSession: org.apache.catalina.session.StandardSessionFacade@5b7da0d1. A new one will be created.
2012-01-08/12:33:43.611 [http-bio-8080-exec-8] DEBUG No SecurityContext was available from the HttpSession: org.apache.catalina.session.StandardSessionFacade@5b7da0d1. A new one will be created.
2012-01-08/12:33:43.611 [http-bio-8080-exec-8] DEBUG / at position 2 of 10 in additional filter chain; firing Filter: 'LogoutFilter'
2012-01-08/12:33:43.611 [http-bio-8080-exec-8] DEBUG / at position 2 of 10 in additional filter chain; firing Filter: 'LogoutFilter'
2012-01-08/12:33:43.611 [http-bio-8080-exec-8] DEBUG / at position 3 of 10 in additional filter chain; firing Filter: 'UsernamePasswordAuthenticationFilter'
2012-01-08/12:33:43.611 [http-bio-8080-exec-8] DEBUG / at position 3 of 10 in additional filter chain; firing Filter: 'UsernamePasswordAuthenticationFilter'
2012-01-08/12:33:43.611 [http-bio-8080-exec-8] DEBUG / at position 4 of 10 in additional filter chain; firing Filter: 'BasicAuthenticationFilter'
2012-01-08/12:33:43.611 [http-bio-8080-exec-8] DEBUG / at position 4 of 10 in additional filter chain; firing Filter: 'BasicAuthenticationFilter'
2012-01-08/12:33:43.611 [http-bio-8080-exec-8] DEBUG / at position 5 of 10 in additional filter chain; firing Filter: 'RequestCacheAwareFilter'
2012-01-08/12:33:43.611 [http-bio-8080-exec-8] DEBUG / at position 5 of 10 in additional filter chain; firing Filter: 'RequestCacheAwareFilter'
2012-01-08/12:33:43.611 [http-bio-8080-exec-8] DEBUG pathInfo: both null (property equals)
2012-01-08/12:33:43.611 [http-bio-8080-exec-8] DEBUG pathInfo: both null (property equals)
2012-01-08/12:33:43.611 [http-bio-8080-exec-8] DEBUG queryString: both null (property equals)
2012-01-08/12:33:43.611 [http-bio-8080-exec-8] DEBUG queryString: both null (property equals)
2012-01-08/12:33:43.611 [http-bio-8080-exec-8] DEBUG requestURI: arg1=/MyApp/; arg2=/MyApp/ (property equals)
2012-01-08/12:33:43.611 [http-bio-8080-exec-8] DEBUG requestURI: arg1=/MyApp/; arg2=/MyApp/ (property equals)
2012-01-08/12:33:43.611 [http-bio-8080-exec-8] DEBUG serverPort: arg1=8080; arg2=8080 (property equals)
2012-01-08/12:33:43.611 [http-bio-8080-exec-8] DEBUG serverPort: arg1=8080; arg2=8080 (property equals)
2012-01-08/12:33:43.611 [http-bio-8080-exec-8] DEBUG requestURL: arg1=http://localhost:8080/MyApp/; arg2=http://localhost:8080/MyApp/ (property equals)
2012-01-08/12:33:43.611 [http-bio-8080-exec-8] DEBUG requestURL: arg1=http://localhost:8080/MyApp/; arg2=http://localhost:8080/MyApp/ (property equals)
2012-01-08/12:33:43.611 [http-bio-8080-exec-8] DEBUG scheme: arg1=http; arg2=http (property equals)
2012-01-08/12:33:43.611 [http-bio-8080-exec-8] DEBUG scheme: arg1=http; arg2=http (property equals)
2012-01-08/12:33:43.612 [http-bio-8080-exec-8] DEBUG serverName: arg1=localhost; arg2=localhost (property equals)
2012-01-08/12:33:43.612 [http-bio-8080-exec-8] DEBUG serverName: arg1=localhost; arg2=localhost (property equals)
2012-01-08/12:33:43.612 [http-bio-8080-exec-8] DEBUG contextPath: arg1=/MyApp; arg2=/MyApp (property equals)
2012-01-08/12:33:43.612 [http-bio-8080-exec-8] DEBUG contextPath: arg1=/MyApp; arg2=/MyApp (property equals)
2012-01-08/12:33:43.612 [http-bio-8080-exec-8] DEBUG servletPath: arg1=/; arg2=/ (property equals)
2012-01-08/12:33:43.612 [http-bio-8080-exec-8] DEBUG servletPath: arg1=/; arg2=/ (property equals)
2012-01-08/12:33:43.612 [http-bio-8080-exec-8] DEBUG Removing DefaultSavedRequest from session if present
2012-01-08/12:33:43.612 [http-bio-8080-exec-8] DEBUG Removing DefaultSavedRequest from session if present
2012-01-08/12:33:43.612 [http-bio-8080-exec-8] DEBUG / at position 6 of 10 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
2012-01-08/12:33:43.612 [http-bio-8080-exec-8] DEBUG / at position 6 of 10 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
2012-01-08/12:33:43.612 [http-bio-8080-exec-8] DEBUG / at position 7 of 10 in additional filter chain; firing Filter: 'RememberMeAuthenticationFilter'
2012-01-08/12:33:43.612 [http-bio-8080-exec-8] DEBUG / at position 7 of 10 in additional filter chain; firing Filter: 'RememberMeAuthenticationFilter'
2012-01-08/12:33:43.612 [http-bio-8080-exec-8] DEBUG / at position 8 of 10 in additional filter chain; firing Filter: 'AnonymousAuthenticationFilter'
2012-01-08/12:33:43.612 [http-bio-8080-exec-8] DEBUG / at position 8 of 10 in additional filter chain; firing Filter: 'AnonymousAuthenticationFilter'
2012-01-08/12:33:43.612 [http-bio-8080-exec-8] DEBUG Populated SecurityContextHolder with anonymous token: 'org.springframework.security.authentication.AnonymousAuthenticationToken@90576bf4: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@21a2c: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: 7F9F9C2E2922F5072EE36B6FBCFE8837; Granted Authorities: ROLE_ANONYMOUS'
2012-01-08/12:33:43.612 [http-bio-8080-exec-8] DEBUG Populated SecurityContextHolder with anonymous token: 'org.springframework.security.authentication.AnonymousAuthenticationToken@90576bf4: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@21a2c: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: 7F9F9C2E2922F5072EE36B6FBCFE8837; Granted Authorities: ROLE_ANONYMOUS'
2012-01-08/12:33:43.612 [http-bio-8080-exec-8] DEBUG / at position 9 of 10 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
2012-01-08/12:33:43.612 [http-bio-8080-exec-8] DEBUG / at position 9 of 10 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
2012-01-08/12:33:43.613 [http-bio-8080-exec-8] DEBUG / at position 10 of 10 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
2012-01-08/12:33:43.613 [http-bio-8080-exec-8] DEBUG / at position 10 of 10 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
2012-01-08/12:33:43.613 [http-bio-8080-exec-8] DEBUG Converted URL to lowercase, from: '/'; to: '/'
2012-01-08/12:33:43.613 [http-bio-8080-exec-8] DEBUG Converted URL to lowercase, from: '/'; to: '/'
2012-01-08/12:33:43.613 [http-bio-8080-exec-8] DEBUG Candidate is: '/'; pattern is /accessdenied; matched=false
2012-01-08/12:33:43.613 [http-bio-8080-exec-8] DEBUG Candidate is: '/'; pattern is /accessdenied; matched=false
2012-01-08/12:33:43.613 [http-bio-8080-exec-8] DEBUG Candidate is: '/'; pattern is /login; matched=false
2012-01-08/12:33:43.613 [http-bio-8080-exec-8] DEBUG Candidate is: '/'; pattern is /login; matched=false
2012-01-08/12:33:43.613 [http-bio-8080-exec-8] DEBUG Candidate is: '/'; pattern is /j_spring_security_check; matched=false
2012-01-08/12:33:43.613 [http-bio-8080-exec-8] DEBUG Candidate is: '/'; pattern is /j_spring_security_check; matched=false
2012-01-08/12:33:43.613 [http-bio-8080-exec-8] DEBUG Candidate is: '/'; pattern is /faces/javax.faces.resource/**; matched=false
2012-01-08/12:33:43.613 [http-bio-8080-exec-8] DEBUG Candidate is: '/'; pattern is /faces/javax.faces.resource/**; matched=false
2012-01-08/12:33:43.613 [http-bio-8080-exec-8] DEBUG Candidate is: '/'; pattern is /xmlhttp/**; matched=false
2012-01-08/12:33:43.613 [http-bio-8080-exec-8] DEBUG Candidate is: '/'; pattern is /xmlhttp/**; matched=false
2012-01-08/12:33:43.613 [http-bio-8080-exec-8] DEBUG Candidate is: '/'; pattern is /resources/**; matched=false
2012-01-08/12:33:43.613 [http-bio-8080-exec-8] DEBUG Candidate is: '/'; pattern is /resources/**; matched=false
2012-01-08/12:33:43.613 [http-bio-8080-exec-8] DEBUG Candidate is: '/'; pattern is **/faces/javax.faces.resource/**; matched=false
2012-01-08/12:33:43.613 [http-bio-8080-exec-8] DEBUG Candidate is: '/'; pattern is **/faces/javax.faces.resource/**; matched=false
2012-01-08/12:33:43.613 [http-bio-8080-exec-8] DEBUG Candidate is: '/'; pattern is **/xmlhttp/**; matched=false
2012-01-08/12:33:43.613 [http-bio-8080-exec-8] DEBUG Candidate is: '/'; pattern is **/xmlhttp/**; matched=false
2012-01-08/12:33:43.613 [http-bio-8080-exec-8] DEBUG Candidate is: '/'; pattern is **/resources/**; matched=false
2012-01-08/12:33:43.613 [http-bio-8080-exec-8] DEBUG Candidate is: '/'; pattern is **/resources/**; matched=false
2012-01-08/12:33:43.615 [http-bio-8080-exec-8] DEBUG Candidate is: '/'; pattern is /**; matched=true
2012-01-08/12:33:43.615 [http-bio-8080-exec-8] DEBUG Candidate is: '/'; pattern is /**; matched=true
2012-01-08/12:33:43.615 [http-bio-8080-exec-8] DEBUG Secure object: FilterInvocation: URL: /; Attributes: [isAuthenticated()]
2012-01-08/12:33:43.615 [http-bio-8080-exec-8] DEBUG Secure object: FilterInvocation: URL: /; Attributes: [isAuthenticated()]
2012-01-08/12:33:43.615 [http-bio-8080-exec-8] DEBUG Previously Authenticated: org.springframework.security.authentication.AnonymousAuthenticationToken@90576bf4: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@21a2c: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: 7F9F9C2E2922F5072EE36B6FBCFE8837; Granted Authorities: ROLE_ANONYMOUS
2012-01-08/12:33:43.615 [http-bio-8080-exec-8] DEBUG Previously Authenticated: org.springframework.security.authentication.AnonymousAuthenticationToken@90576bf4: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@21a2c: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: 7F9F9C2E2922F5072EE36B6FBCFE8837; Granted Authorities: ROLE_ANONYMOUS
2012-01-08/12:33:43.615 [http-bio-8080-exec-8] DEBUG Voter: org.springframework.security.web.access.expression.WebExpressionVoter@338652ff, returned: -1
2012-01-08/12:33:43.615 [http-bio-8080-exec-8] DEBUG Voter: org.springframework.security.web.access.expression.WebExpressionVoter@338652ff, returned: -1
2012-01-08/12:33:43.615 [http-bio-8080-exec-8] DEBUG Access is denied (user is anonymous); redirecting to authentication entry point
org.springframework.security.access.AccessDeniedException: Access is denied
    at org.springframework.security.access.vote.AffirmativeBased.decide(AffirmativeBased.java:71)
    at org.springframework.security.access.intercept.AbstractSecurityInterceptor.beforeInvocation(AbstractSecurityInterceptor.java:203)
    at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:106)
    at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:83)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)
    at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:97)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)
    at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:78)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)
    at org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter.doFilter(RememberMeAuthenticationFilter.java:112)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)
    at org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:54)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)
    at org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:35)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)
    at org.springframework.security.web.authentication.www.BasicAuthenticationFilter.doFilter(BasicAuthenticationFilter.java:177)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)
    at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:187)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)
    at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:105)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)
    at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:79)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)
    at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:169)
    at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:237)
    at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:167)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
    at org.springframework.orm.hibernate3.support.OpenSessionInViewFilter.doFilterInternal(OpenSessionInViewFilter.java:198)
    at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:76)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:224)
    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:169)
    at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:472)
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:168)
    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:100)
    at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:929)
    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118)
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:405)
    at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:964)
    at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:515)
    at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:302)
    at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
    at java.lang.Thread.run(Thread.java:619)
2012-01-08/12:33:43.615 [http-bio-8080-exec-8] DEBUG Access is denied (user is anonymous); redirecting to authentication entry point
org.springframework.security.access.AccessDeniedException: Access is denied