我有一个在其中使用authenticate()方法的方法,令我感到困惑的是,如果身份验证失败,AuthenticationManager.authenticate()会抛出AuthenticationException,但是方法authenticateUser不会抛出任何Exception和没有标记任何编译错误!
@PostMapping("/signin")
public ResponseEntity<?> authenticateUser(@Valid @RequestBody LoginForm loginRequest){
Authentication authentication = authenticationManager.authenticate(
new UsernamePasswordAuthenticationToken(loginRequest.getUsername(), loginRequest.getPassword()));
SecurityContextHolder.getContext().setAuthentication(authentication);
}