我实现了Spring Security和一个自定义身份验证失败处理程序,我使用了文档所说的继承方法saveException
缓存AuthenticationException,以便在视图渲染中使用。
这对我来说是完美的。这就是我想要的,我想访问frontEnd中的Authentication Failure Handler保存的Exception,即我想访问调用Spring Security的bean。
我的ControllerBean有这段代码:
public void login() throws ServletException, IOException {
final ExternalContext context = FacesContext.getCurrentInstance().getExternalContext();
final RequestDispatcher dispatcher = ((ServletRequest) context.getRequest()).getRequestDispatcher("/login");
dispatcher.forward((ServletRequest) context.getRequest(), (ServletResponse) context.getResponse());
FacesContext.getCurrentInstance().responseComplete();
}
它调用我的CustomAuthenticationProvider,然后如果它抛出异常,我的CustomAuthenticationFailureHandler捕获它并具有以下代码:
@Override
public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response,
AuthenticationException exception) throws IOException, ServletException {
if (exception instanceof FirstExternalLoginException) {
setAllowSessionCreation(true);
saveException(request, exception);
getRedirectStrategy().sendRedirect(request, response, "/externalRegister.jsf");
}
}
所以当这段代码完成后,它又回到了这一行:
FacesContext.getCurrentInstance().responseComplete();
控制器bean。如何访问保存的异常?我一直在挖掘ExternalContext,但从未发现任何AuthenticationException(或我的自定义异常,它扩展了AuthenticationException)