使用spring-security显示自定义错误消息

时间:2015-04-28 05:44:59

标签: java spring spring-security siteminder

我在spring-security配置中遇到了一些问题。登录失败时,我需要在我的网页上显示自定义消息。

发生两级身份验证: 现场管理员 2.数据库

我的自定义错误处理程序被成功调用(authentication-failure-handler-ref =" authFailureHandler")当用户提供无效的用户名/ pwd(将在站点管理员处失败)时因此我能够显示无效的错误消息。

当siteminder身份验证成功且用户在数据库中不可用时,我的自定义错误hanlder(authentication-failure-handler-ref =" authFailureHandler")不会被调用。相反,它正在执行一系列其他错误处理程序,最后,logout-url正在执行并重定向回index.html页面(登录页面)而没有错误消息。

请在此建议我,让我知道我哪里出错了。

以下是spring-security配置和其他详细信息。

SPRING.SECURITY.XML

                               

sash

AuthFailureHandler.java 

<security:http auto-config="true" use-expressions="true">
    <security:intercept-url pattern="/resources/app/commons/**" access="permitAll"/>
    <security:intercept-url pattern="/resources/app/template/**" access="permitAll"/>
    <security:intercept-url pattern="/resources/app/**" access="hasAnyRole('M_XXX', 'M_XXX')"/>
    <security:intercept-url pattern="/app/template/**" access="permitAll"/>
    <security:intercept-url pattern="/app/**" access="hasAnyRole('M_VVV', 'M_XXX')"/>

    <security:custom-filter position="PRE_AUTH_FILTER" ref="siteminderFilter" />

    <!-- The  authentication-failure url is handled in authFailureHandler -->
    <security:form-login always-use-default-target="true"
                         authentication-failure-url="/index.html?login_error=1"
                         login-page="/index.html"
                         default-target-url="/app/home"
                         login-processing-url="/doLogin" authentication-failure-handler-ref="authFailureHandler"/>
    <security:logout invalidate-session="true" logout-success-url="/index.html" logout-url="/doLogout" />
    <security:session-management invalid-session-url="/index.html"  />
</security:http>

<bean id="preauthAuthProvider" class="org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationProvider">
    <property name="preAuthenticatedUserDetailsService">
        <bean id="userDetailsServiceWrapper" class="org.springframework.security.core.userdetails.UserDetailsByNameServiceWrapper">
            <property name="userDetailsService" ref="userDetailsService" />
        </bean>
    </property>
</bean>

<security:authentication-manager alias="authenticationManager">
    <security:authentication-provider ref="preauthAuthProvider" />
</security:authentication-manager>

0 个答案:

没有答案
相关问题
最新问题