In my application portal, there are many applications running. I am looking for a functionality where if the user is not authorized to see the current page contents or even have not the required role, then divert the user to the unauthorized.xhtml. I want to achieve this minimal impact on all the applications.

Example in my current page-

            <s:decorate id="codeBrandField" template="layout/edit.xhtml" rendered="#{isUserInRole['admin']}">
                <ui:define name="label">Code brand</ui:define>
                <h:inputText id="codeBrand"
                       disabled="#{codeBrandsHome.managed}"
                       required="true"
                           size="50"
                      maxlength="50"
                          value="#{codeBrandsHome.instance.codeBrand}">
                    <a:support event="onblur" reRender="codeBrandField" bypassUpdates="true" ajaxSingle="true"/>
                </h:inputText>
            </s:decorate>

if the user do not have the role admin, i want to divert the user to the page unauthorized.xhtml. I do not want to put navigation inside the .page.xml of each page. I just want to centralize it into a custom tag functionality or can be in central .page.xml More preferred is custom tag functioanlity.