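/**
 * {@inheritDoc}
 *
 * <p>Saves the exception through {@code saveException} and then redirects. When
 * {@code failureUrlMap} holds an entry for the exception's class name, that URL is extended with
 * details of the failure and sent through {@code ControllerHelper.sendInternalRedirect};
 * otherwise {@code authenticationFailureUrl} is rendered as an absolute URL and sent with a
 * {@link DefaultRedirectStrategy}.
 *
 * @param request the current request
 * @param response the response the redirect is written to
 * @param authenticationException the failure being handled
 * @throws IOException if the redirect cannot be written or the username cannot be encoded
 * @throws ServletException declared by the overridden method
 */
@Override
public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response,
        AuthenticationException authenticationException) throws IOException, ServletException {
    saveException(request, authenticationException);
    String url = failureUrlMap.get(authenticationException.getClass().getName());
    if (url != null) {
        // Parameters are appended with '&', so the mapped URLs are assumed to already carry a
        // query string — TODO confirm against the failureUrlMap configuration.
        if (authenticationException instanceof UserAccountTemporarilyLockedException) {
            url += "&lockedTimeout="
                    + ((UserAccountTemporarilyLockedException) authenticationException)
                            .getLockedTimeout().getTime();
        }
        if (authenticationException instanceof UserAccountException) {
            // The username originates from the login attempt, so it is percent-encoded before it
            // is placed in the query string. Unencoded, characters such as '&', '#' or line
            // breaks would alter the structure of the redirect URL.
            String username = String
                    .valueOf(((UserAccountException) authenticationException).getUsername());
            url += "&username=" + java.net.URLEncoder.encode(username, "UTF-8");
        }
        ControllerHelper.sendInternalRedirect(request, response, appendTargetUrl(url, request));
        return;
    }
    String failureUrl = authenticationFailureUrl;
    String redirectUrl = ControllerHelper.renderAbsoluteUrl(request, null, failureUrl, false,
            false, false);
    new DefaultRedirectStrategy().sendRedirect(request, response,
            appendTargetUrl(redirectUrl, request));
}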
/**
 * Instantiates a new logout filter whose success handler redirects through
 * {@code ControllerHelper.sendInternalRedirect}.
 *
 * @param logoutSuccessUrl
 *            the logout success url, used as the default target of the success handler
 * @param handlers
 *            the handlers
 */
public CommunoteLogoutFilter(final String logoutSuccessUrl, LogoutHandler[] handlers) {
    super(createInternalRedirectSuccessHandler(logoutSuccessUrl), handlers);
}

/**
 * Builds the logout success handler: default target {@code logoutSuccessUrl}, and a redirect
 * strategy that refuses URLs starting with {@code http://} or {@code https://}, resets the
 * overridden user locale of the session and then issues an internal redirect.
 */
private static SimpleUrlLogoutSuccessHandler createInternalRedirectSuccessHandler(
        final String logoutSuccessUrl) {
    return new SimpleUrlLogoutSuccessHandler() {
        {
            setDefaultTargetUrl(logoutSuccessUrl);
            setRedirectStrategy(new DefaultRedirectStrategy() {
                @Override
                public void sendRedirect(HttpServletRequest request,
                        HttpServletResponse response, String url) throws java.io.IOException {
                    // NOTE(review): this prefix test is case-sensitive and does not cover
                    // scheme-relative targets ("//host"). If the target can ever be influenced
                    // by a request, confirm that sendInternalRedirect rejects those forms.
                    boolean hasHttpScheme = url.startsWith("http://")
                            || url.startsWith("https://");
                    if (hasHttpScheme) {
                        throw new IllegalArgumentException(
                                "could not add client id to this uri: '" + url + "'");
                    }
                    // reset session values
                    SessionHandler.instance().resetOverriddenCurrentUserLocale(request);
                    ControllerHelper.sendInternalRedirect(request, response, url);
                }
            });
        }
    };
}
/**
 * Starts authentication for a request that needs it: requests whose {@code Accept} header is
 * compatible with {@code text/html} are redirected to {@code LOGIN_FORM_URL}; every other
 * request receives HTTP 403.
 *
 * @param request the request that triggered the authentication exception
 * @param response the response to redirect or fail
 * @param authException the exception that caused the invocation (not inspected here)
 * @throws IOException if the redirect or the error status cannot be written
 * @throws ServletException declared by the overridden method
 */
@Override
public void commence(HttpServletRequest request, HttpServletResponse response,
        AuthenticationException authException) throws IOException, ServletException {
    // Debug logging of the redirect to the login form is disabled in this handler.
    MediaTypeRequestMatcher htmlMatcher = new MediaTypeRequestMatcher(
            new HeaderContentNegotiationStrategy(), MediaType.TEXT_HTML);
    // false = match on media-type compatibility instead of exact equality.
    htmlMatcher.setUseEquals(false);

    if (!htmlMatcher.matches(request)) {
        // Non-HTML clients (e.g. API calls) get a status code instead of a login page.
        response.sendError(HttpServletResponse.SC_FORBIDDEN);
        return;
    }

    DefaultRedirectStrategy loginRedirect = new DefaultRedirectStrategy();
    loginRedirect.setContextRelative(false);
    loginRedirect.sendRedirect(request, response, LOGIN_FORM_URL);
}
/**
 * Handles a denied access: requests whose {@code Accept} header is compatible with
 * {@code text/html} are redirected to the {@code /errores/403} page; every other request
 * receives HTTP 403.
 *
 * @param request the request that was denied
 * @param response the response to redirect or fail
 * @param accessDeniedException the exception that caused the invocation (not inspected here)
 * @throws IOException if the redirect or the error status cannot be written
 * @throws ServletException declared by the overridden method
 */
@Override
public void handle(HttpServletRequest request, HttpServletResponse response,
        AccessDeniedException accessDeniedException) throws IOException, ServletException {
    MediaTypeRequestMatcher htmlMatcher = new MediaTypeRequestMatcher(
            new HeaderContentNegotiationStrategy(), MediaType.TEXT_HTML);
    // false = match on media-type compatibility instead of exact equality.
    htmlMatcher.setUseEquals(false);

    if (!htmlMatcher.matches(request)) {
        response.sendError(HttpServletResponse.SC_FORBIDDEN);
        return;
    }

    // The target is a fixed application path, so nothing from the request reaches the redirect.
    DefaultRedirectStrategy errorPageRedirect = new DefaultRedirectStrategy();
    errorPageRedirect.setContextRelative(false);
    errorPageRedirect.sendRedirect(request, response, "/errores/403");
}
/**
 * Completes a successful SAML login: passes the principal's attributes to
 * {@code userService.login} and redirects to {@code baseUri} followed by the target returned by
 * {@code TargetStoringFilter.popCookieTarget}.
 *
 * @param request the current request
 * @param response the response the redirect is written to
 * @param authentication the authentication whose principal is cast to {@code SamlUser}
 * @throws IOException if the redirect cannot be written
 * @throws ServletException declared by the overridden method
 */
@Override
public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response,
        Authentication authentication) throws IOException, ServletException {
    SamlUser samlUser = (SamlUser) authentication.getPrincipal();

    // The SSN and name attributes are personal data; keep them out of log statements here.
    userService.login(
            samlUser.getSsn(),
            samlUser.getFirstNames(),
            samlUser.getLastName(),
            samlUser.isFinnishCitizen(),
            new LocalizedString(samlUser.getMunicipalityNameFi(),
                    samlUser.getMunicipalityNameSv()),
            request,
            response);

    // NOTE(review): the stored target is appended to baseUri unchanged. If popCookieTarget reads
    // a client-supplied cookie (as its name suggests), confirm that it only returns local paths
    // beginning with a single '/'; otherwise the concatenated URL could leave this site.
    String redirectTarget = baseUri + TargetStoringFilter.popCookieTarget(request, response);
    DefaultRedirectStrategy redirect = new DefaultRedirectStrategy();
    redirect.sendRedirect(request, response, redirectTarget);
}
/**
 * Redirects to the localized logout page after a successful logout. The stored target is only
 * used to choose the language: a target starting with {@code Urls.FRONT_SV} selects
 * {@code Urls.LOGOUT_SV}, anything else {@code Urls.LOGOUT_FI}.
 *
 * @param request the current request
 * @param response the response the redirect is written to
 * @param authentication the authentication that was logged out (not inspected here)
 * @throws IOException if the redirect cannot be written
 * @throws ServletException declared by the overridden method
 */
@Override
public void onLogoutSuccess(HttpServletRequest request, HttpServletResponse response,
        Authentication authentication) throws IOException, ServletException {
    String storedTarget = TargetStoringFilter.popCookieTarget(request, response);

    // The first idea was to send the user back to the previous page after logout. That fails
    // for pages that unauthenticated users may not see: the user would land on a 403 page.
    // Falling back to the front page only when the stored target would give 403 would be the
    // better solution, but for now the user always goes to the localized logout page, which is
    // responsible for setting the logout success message.
    // Because the stored value never becomes part of the redirect URL, it cannot steer the
    // redirect to another location.
    // NOTE(review): startsWith assumes popCookieTarget never returns null — confirm.
    String localizedLogoutUri;
    if (storedTarget.startsWith(Urls.FRONT_SV)) {
        localizedLogoutUri = Urls.LOGOUT_SV;
    } else {
        localizedLogoutUri = Urls.LOGOUT_FI;
    }

    DefaultRedirectStrategy redirect = new DefaultRedirectStrategy();
    redirect.sendRedirect(request, response, baseUri + localizedLogoutUri);
}
/**
 * Handles a failed login. When the failure is a {@code UsernameNotFoundException} that carries
 * an {@code OpenIDAuthenticationToken} with status {@code SUCCESS}, a temporary user is built
 * from the token, stored in the session under {@code ModelKeys.NEW_USER}, and the request is
 * redirected to the account creation page. Every other failure is delegated to the superclass.
 *
 * @param request the current request
 * @param response the response the redirect is written to
 * @param exception the authentication failure
 * @throws IOException if the redirect cannot be written
 * @throws ServletException if the superclass handling fails
 */
@Override
public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response,
        AuthenticationException exception) throws IOException, ServletException {
    // Only an identity the OpenID provider confirmed (status SUCCESS) but that has no local
    // account yet may proceed to account creation.
    boolean verifiedOpenIdWithoutAccount = exception instanceof UsernameNotFoundException
            && exception.getAuthentication() instanceof OpenIDAuthenticationToken
            && ((OpenIDAuthenticationToken) exception.getAuthentication()).getStatus()
                    .equals(OpenIDAuthenticationStatus.SUCCESS);

    if (!verifiedOpenIdWithoutAccount) {
        super.onAuthenticationFailure(request, response, exception);
        return;
    }

    OpenIDAuthenticationToken openIdToken =
            (OpenIDAuthenticationToken) exception.getAuthentication();
    String identityUrl = openIdToken.getIdentityUrl();
    User temporaryUser = createTemporaryUser(openIdToken, identityUrl);
    request.getSession(true).setAttribute(ModelKeys.NEW_USER, temporaryUser);

    DefaultRedirectStrategy accountCreationRedirect = new DefaultRedirectStrategy();
    log.info("Redirecting to new user account creation page");
    // NOTE(review): this replaces the redirect strategy on the handler itself, not just for
    // this request; confirm that is intended if the handler instance is shared.
    super.setRedirectStrategy(accountCreationRedirect);
    accountCreationRedirect.sendRedirect(request, response,
            "/" + ViewNames.CREATE_ACCOUNT_PAGE);
}
/**
 * Configures the HTTP security chain: the CKFinder servlet path requires role ADMIN, form login
 * and logout use simple URL handlers, remember-me uses {@code persistentTokenRepository}, and
 * saved requests are disabled through a {@code NullRequestCache}.
 *
 * @param http the builder to configure
 * @throws Exception if the builder rejects the configuration
 */
@Override
protected void configure(HttpSecurity http) throws Exception {
    SimpleUrlAuthenticationSuccessHandler loginSuccessHandler =
            new SimpleUrlAuthenticationSuccessHandler("/");
    loginSuccessHandler.setUseReferer(false);
    // NOTE(review): with a target URL parameter set, the post-login redirect target is read
    // from the "url" request parameter, and DefaultRedirectStrategy forwards absolute URLs
    // unchanged. Restrict accepted values to local paths (or an allow-list) so a login link
    // cannot send users to an external site.
    loginSuccessHandler.setTargetUrlParameter("url");
    loginSuccessHandler.setRedirectStrategy(new DefaultRedirectStrategy());

    SimpleUrlLogoutSuccessHandler logoutSuccessHandler = new SimpleUrlLogoutSuccessHandler();
    // NOTE(review): the post-logout target is taken from the Referer header, which the client
    // controls; the same local-path restriction applies.
    logoutSuccessHandler.setUseReferer(true);

    // NOTE(review): the chain below disables CSRF protection and the HSTS and cache-control
    // response headers. Confirm each is a deliberate, documented decision: without CSRF tokens,
    // state-changing requests (including login and logout) are not bound to the user's session.
    // @formatter:off
    http
        .authorizeRequests()
            .antMatchers(ckfinder.getServlet().getPath()).hasAnyRole("ADMIN")
            .and()
        .csrf()
            .disable()
        .exceptionHandling()
            .authenticationEntryPoint(authenticationEntryPoint())
            .and()
        .formLogin()
            .loginPage("/login")
            .usernameParameter("user_id1")
            .passwordParameter("password1")
            .successHandler(loginSuccessHandler)
            .failureHandler(failureHandler())
            .permitAll()
            .and()
        .headers()
            .cacheControl().disable()
            .httpStrictTransportSecurity().disable()
            .frameOptions().sameOrigin()
            .and()
        .logout()
            .logoutUrl("/logout.html")
            .logoutSuccessHandler(logoutSuccessHandler)
            .permitAll()
            .and()
        .rememberMe()
            .rememberMeParameter("rememberMe")
            .tokenRepository(persistentTokenRepository)
            .and()
        .requestCache()
            .requestCache(new NullRequestCache())
            .and()
        .servletApi();
    // @formatter:on
}
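/**
 * Logs the essential error information and then redirects to the error page. Spring Security
 * does not print these exceptions to the console, so without this log line the kind of failure
 * cannot be determined.
 *
 * <p>The exception message is percent-encoded before it is placed in the query string of the
 * redirect URL, and the same URL (including the {@code =} that was previously missing) is
 * passed to {@code setDefaultFailureUrl}.
 *
 * @param request the current request
 * @param response the response the redirect is written to
 * @param exception the authentication failure
 * @throws IOException if the redirect cannot be written or the message cannot be encoded
 * @throws ServletException declared by the overridden method
 */
@Override
public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response,
        AuthenticationException exception) throws IOException, ServletException {
    // Spring Security does not print the exception, so log it here to make the error traceable.
    log.error("spring security Authentication Fail : {}", exception.getMessage());

    // The stack trace is deliberately not printed; the message is handed to the error page
    // through the redirect instead. It is encoded because exception messages can contain spaces,
    // '&', '#' or line breaks, which would otherwise change the structure of the URL.
    // NOTE(review): showing the raw failure reason to the client can reveal whether an account
    // exists or is locked; consider mapping exception types to generic error codes.
    String encodedMessage =
            java.net.URLEncoder.encode(String.valueOf(exception.getMessage()), "UTF-8");
    String errorUrl = "/myerror?error=" + encodedMessage;

    RedirectStrategy redirectStrategy = new DefaultRedirectStrategy();
    redirectStrategy.sendRedirect(request, response, errorUrl);

    // NOTE(review): this stores a per-request message in a field of the handler; if the handler
    // instance is shared, later requests see the message of an earlier failure. Confirm whether
    // this call is still needed, since the superclass handling is not invoked below.
    setDefaultFailureUrl(errorUrl);

    // Disabled alternative kept for reference: branch on the exception type
    // (UsernameNotFoundException: user name not found, DisabledException: user disabled,
    // BadCredentialsException: bad credentials or locked, SessionAuthenticationException: too
    // many sessions, InvalidCookieException: remember-me cookie expired or malformed), choose a
    // failure URL with setDefaultFailureUrl, and then continue with the default flow through
    // super.onAuthenticationFailure(request, response, exception).
}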
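/**
 * Handles a denied access. An invalid or missing CSRF token redirects to the authentication
 * page {@code /editar/autenticar?sessao}; every other denial is delegated to the superclass.
 *
 * @param request the request that was denied
 * @param response the response to redirect or hand to the superclass
 * @param accessDeniedException the reason for the denial
 * @throws IOException if the redirect cannot be written
 * @throws ServletException if the superclass handling fails
 */
@Override
public void handle(
    HttpServletRequest request,
    HttpServletResponse response,
    AccessDeniedException accessDeniedException
) throws IOException, ServletException {
    boolean csrfTokenProblem = accessDeniedException instanceof InvalidCsrfTokenException
        || accessDeniedException instanceof MissingCsrfTokenException;
    if (csrfTokenProblem) {
        new DefaultRedirectStrategy().sendRedirect(request, response, "/editar/autenticar?sessao");
        // The redirect is the complete response. Previously control fell through to
        // super.handle with a response that had already been sent; stop here so the request is
        // answered exactly once.
        return;
    }
    super.handle(request, response, accessDeniedException);
}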
/**
 * Installs the OpenID token carried by {@code exception} as the current authentication, stores
 * the security context in the HTTP session and redirects to {@code /}.
 *
 * @param request the current request
 * @param response the response the redirect is written to
 * @param exception the exception from which the OpenID token is extracted
 * @throws IOException if the redirect cannot be written
 * @throws ServletException declared for callers; not thrown by the visible statements
 */
private void redirectToSuccess(HttpServletRequest request, HttpServletResponse response,
        AuthenticationException exception) throws IOException, ServletException {
    // NOTE(review): the token comes from an authentication *failure* and is installed without
    // any check visible in this method. Confirm that every caller has verified the provider
    // reported the OpenID authentication as successful before reaching this point.
    OpenIDAuthenticationToken openIdToken = getOpenIdAuthenticationToken(exception);
    addOpenIdAttributesToSession(request, openIdToken);

    SecurityContext context = SecurityContextHolder.getContext();
    context.setAuthentication(openIdToken);

    // NOTE(review): the context is written to the existing session when there is one. Confirm
    // the session identifier is changed elsewhere at login, as a session-fixation defence.
    HttpSession httpSession = request.getSession(true);
    httpSession.setAttribute("SPRING_SECURITY_CONTEXT", context);

    new DefaultRedirectStrategy().sendRedirect(request, response, "/");
}
/**
 * Redirects back to the stored target after a failed or cancelled login, keeping only the path
 * of the target.
 *
 * @param request the current request
 * @param response the response the redirect is written to
 * @param exception the authentication failure, logged at warn level
 * @throws IOException if the target cannot be parsed as a URL or the redirect cannot be written
 * @throws ServletException declared by the overridden method
 */
@Override
public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response,
        AuthenticationException exception) throws IOException, ServletException {
    String storedTarget = TargetStoringFilter.popCookieTarget(request, response);

    // GET parameters are stripped from the redirect on failure to prevent a re-login loop when
    // the user cancels the login, e.g. while voting.
    // The IDP currently does not tell us whether the user cancelled the authentication or
    // whether it failed, so we have to trust that the IDP shows the user a suitable error
    // message; there is no way to distinguish the two cases here.
    log.warn("Login failed / cancelled", exception);

    // Only the parsed path is reused and it is re-attached to baseUrl, so query, fragment and
    // any authority part of the stored value are dropped from the redirect.
    URL parsedTarget = new URL(baseUrl + storedTarget);
    String pathOnlyTarget = baseUrl + parsedTarget.getPath();

    DefaultRedirectStrategy redirect = new DefaultRedirectStrategy();
    redirect.sendRedirect(request, response, pathOnlyTarget);
}
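/**
 * Handles a failed login. When the request parameter {@code ajaxLoginTrue} equals
 * {@code "true"}, the superclass handling runs with a redirect strategy that does nothing and a
 * JSON body with {@code success=false} and a message is written instead; otherwise the
 * superclass handling runs with a {@link DefaultRedirectStrategy}.
 *
 * <p>The exception type is tested with {@code instanceof}. The previous
 * {@code exception.getClass().isAssignableFrom(X.class)} test asked whether the exception's
 * class is a supertype of {@code X}, so subclasses of {@code BadCredentialsException} or
 * {@code LockedException} fell through to the generic message.
 *
 * @param request the current request
 * @param response the response the JSON body or redirect is written to
 * @param exception the authentication failure
 * @throws ServletException if the superclass handling fails
 * @throws IOException if the response cannot be written
 */
@Override
public void onAuthenticationFailure( HttpServletRequest request, HttpServletResponse response,
        AuthenticationException exception ) throws ServletException, IOException {

    String ajaxLoginTrue = request.getParameter( "ajaxLoginTrue" );

    // NOTE(review): both branches replace the redirect strategy on the handler itself. If one
    // handler instance serves concurrent requests, an AJAX and a form login can interleave and
    // use each other's strategy; selecting the behaviour per request would avoid that.
    if ( !"true".equals( ajaxLoginTrue ) ) {
        this.setRedirectStrategy( new DefaultRedirectStrategy() );
        super.onAuthenticationFailure( request, response, exception );
        return;
    }

    JSONUtil jsonUtil = new JSONUtil( request, response );

    this.setRedirectStrategy( new RedirectStrategy() {
        @Override
        public void sendRedirect( HttpServletRequest re, HttpServletResponse res, String s ) {
            // do nothing, no redirect to make it work with extjs
        }
    } );

    super.onAuthenticationFailure( request, response, exception );

    JSONObject json = new JSONObject();
    json.put( "success", false );

    // NOTE(review): distinct messages tell the client whether an account exists but is not yet
    // activated; confirm that disclosure is acceptable.
    if ( exception instanceof BadCredentialsException ) {
        json.put( "message", "<strong>Warning!</strong> Login email/password incorrect." );
    } else if ( exception instanceof LockedException ) {
        json.put( "message",
                "Your account has not been activated, please click the confirmation link that was e-mailed to you upon registration." );
    } else {
        json.put( "message", "Login Failed" );
    }

    jsonUtil.writeToResponse( json.toString() );
}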
/**
 * Creates the handler with the superclass defaults and installs a
 * {@code DefaultRedirectStrategy}.
 */
public UserAuthorizationSuccessfulAuthenticationHandler() {
    // The no-argument superclass constructor runs implicitly before this body.
    org.springframework.security.web.DefaultRedirectStrategy strategy =
            new org.springframework.security.web.DefaultRedirectStrategy();
    setRedirectStrategy(strategy);
}
/**
 * Creates the handler by passing {@code s} to the superclass constructor and installs a
 * {@code DefaultRedirectStrategy}.
 *
 * @param s the value handed to the superclass constructor
 */
public UserAuthorizationSuccessfulAuthenticationHandler(String s) {
    super(s);
    DefaultRedirectStrategy strategy = new DefaultRedirectStrategy();
    setRedirectStrategy(strategy);
}
/**
 * Exposes a {@code DefaultRedirectStrategy} as the {@code RedirectStrategy} bean.
 *
 * @return a new strategy instance with its default settings
 */
@Bean
public RedirectStrategy redirectStrategy() {
    // The default strategy does not restrict where it redirects to, so targets must be
    // validated by the code that passes them in.
    RedirectStrategy strategy = new DefaultRedirectStrategy();
    return strategy;
}
/**
 * Copies the OpenID attributes of the token carried by {@code exception} into the session and
 * redirects to {@code openIdRegistrationUrl}.
 *
 * @param request the current request
 * @param response the response the redirect is written to
 * @param exception the exception from which the OpenID token is extracted
 * @throws IOException if the redirect cannot be written
 * @throws ServletException declared for callers; not thrown by the visible statements
 */
private void redirectToOpenIdRegistrationUrl(HttpServletRequest request,
        HttpServletResponse response, AuthenticationException exception)
        throws IOException, ServletException {
    OpenIDAuthenticationToken openIdToken = getOpenIdAuthenticationToken(exception);
    // NOTE(review): these attributes are supplied by the OpenID provider; presumably the
    // registration page treats them as unverified input — confirm.
    addOpenIdAttributesToSession(request, openIdToken);

    new DefaultRedirectStrategy().sendRedirect(request, response, openIdRegistrationUrl);
}