我在SAMLUserDetailsService中抛出了UserNameNotFound Exception。但是当用户不在DB中时,它仍会调用我的AuthenticationSuccessHandler。
你对这个问题有什么想法吗? 这是我的loadUserBySAML方法的一部分
String userName = nameValue.trim();
AppUser domainUser = userRepository.findByAppUserNm(userName);
if (domainUser == null) {
logger.info("User is null");
throw new UsernameNotFoundException("User is not in the DB");
} else {
boolean enabled = true;
boolean accountNonExpired = true;
boolean credentialsNonExpired = true;
boolean accountNonLocked = true;
return new User(domainUser.getAppUserNm(), domainUser.getAppUserPwdTxt().toLowerCase(), enabled, accountNonExpired, credentialsNonExpired,
accountNonLocked, getAuthorities(userName));
}