We have one controller method where we have used @RequiredHardLogin which is redirecting unauthenticated user to login page. But where exactly this logic is written? We don't have any such thing in Handler class. Is it in filter? If yes which filter?