我的CustomAuthenticationEntryPoint类处理AuthenticationException
public class CustomAuthenticationEntryPoint implements AuthenticationEntryPoint, Serializable {
private static final long serialVersionUID = 1L;
@Override
public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException e)
throws IOException, ServletException {
String errMsg = "";
if (e.getClass().isAssignableFrom(BadCredentialsException.class)) {
errMsg = "Invalid username or password!";
}
else {
errMsg = "Unknown error - " + e.getMessage();
}
System.out.println(e.getClass().toString());
// System.out.println(e + "this is e");
// errMsg = e.toString();
//request.setAttribute("message", errMsg);
request.getSession().setAttribute("message", errMsg);
response.sendRedirect(request.getContextPath() + "/login.htm?error=true");
}
}
我的服务配置
...
.and()
.exceptionHandling()
//.accessDeniedPage("/accessDenied.htm"),
.accessDeniedHandler(new MyAccessDeniedHandler())
.authenticationEntryPoint(new CustomAuthenticationEntryPoint());
我的提供者
...
try {
UserProfile userProfile = loginServiceDao.doLogin(userProfileDTO);
if(null != userProfile) {
List<CurrentUserRole> grantedAuthoritiesList = new ArrayList<CurrentUserRole>();
CurrentUserRole cur = new CurrentUserRole();
cur.setName("ROLE_USER");
grantedAuthoritiesList.add(cur);
CurrentUserProfile cup = new CurrentUserProfile();
cup.setUsername(userName);
cup.setFirstName("Nang");
cup.setLastName("Nguyen Hien");
return new UsernamePasswordAuthenticationToken(cup, password, grantedAuthoritiesList);
}else {
throw new BadCredentialsException("Username or password is not available.");
}
}catch(Throwable thr) {
throw new ExceptionInInitializerError(thr);
}
为什么我输入错误的用户名和密码时总是会收到InsufficientAuthenticationException? 我想要改为BadCredentialsException。