/**
 * Initializes the filter once the container has constructed it.
 *
 * <p>The visible body installs a {@link SavedRequestAwareAuthenticationSuccessHandler} whose
 * redirect strategy is a no-op, so a successful authentication never sends a redirect.
 * NOTE(review): the original summary called this "the Singleton Session Cache", but no
 * cache is touched in this method; confirm against the rest of the class.
 */
@PostConstruct
public synchronized void init() {
    log.info("AuthenticationFilter starting to Initialize.");

    // Replace the default redirect behaviour with an empty strategy so that Spring does not
    // automatically write page content (a redirect) to the output stream after a successful
    // login. Whatever produces the response afterwards lives outside this method.
    SavedRequestAwareAuthenticationSuccessHandler successHandler =
            new SavedRequestAwareAuthenticationSuccessHandler();
    this.setAuthenticationSuccessHandler(successHandler);
    successHandler.setRedirectStrategy(new RedirectStrategy() {
        @Override
        public void sendRedirect(HttpServletRequest request, HttpServletResponse response, String url)
                throws IOException {
            // Intentionally empty: no redirect is issued.
        }
    });

    log.info("AuthenticationFilter has been Initialized");
}
/**
 * Checks what the entry point hands to its redirect strategy for a request whose servlet
 * path is {@code /somethingelse}.
 *
 * <p>NOTE(review): despite the name, the assertion is that the strategy IS invoked, with an
 * empty target URL; it does not assert that no redirect call happens.
 */
@Test
public void testNoRedirect() throws IOException, ServletException {
    final RedirectStrategy redirectStrategy = Mockito.mock(RedirectStrategy.class);
    final HttpServletRequest servletRequest = Mockito.mock(HttpServletRequest.class);
    Mockito.when(servletRequest.getServletPath()).thenReturn("/somethingelse");

    entryPoint.setRedirectStrategy(redirectStrategy);
    // The response and the authentication exception are both passed as null.
    entryPoint.commence(servletRequest, null, null);

    Mockito.verify(redirectStrategy, Mockito.atLeastOnce())
            .sendRedirect(servletRequest, null, "");
}
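/**
 * Logs the authentication failure and redirects the client to the error page.
 *
 * <p>Spring Security does not print these exceptions to the console by itself, which makes it
 * impossible to tell which kind of failure occurred, so the message is logged here before
 * the redirect is sent.
 *
 * @param request   the request during which authentication failed
 * @param response  the response on which the redirect is sent
 * @param exception the exception describing the failure
 * @throws IOException      if the message cannot be encoded or the redirect cannot be sent
 * @throws ServletException declared by the signature; nothing in this body throws it directly
 */
@Override
public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response,
        AuthenticationException exception) throws IOException, ServletException {
    // Logged here because Spring Security itself prints nothing for these failures.
    log.error("spring security Authentication Fail : {}", exception.getMessage());

    // The stack trace is deliberately not printed; the message reaches the error page through
    // the redirect below. It is URL-encoded first: raw exception text may contain spaces,
    // '&', '#', line breaks or non-ASCII characters, which would corrupt the Location header
    // or smuggle extra query parameters into the target URL.
    String encodedMessage =
            java.net.URLEncoder.encode(String.valueOf(exception.getMessage()), "UTF-8");
    String errorUrl = "/myerror?error=" + encodedMessage;

    // NOTE(review): the failure reason is shown to the unauthenticated client. If the message
    // distinguishes "unknown user" from "bad password" or "account disabled", it helps account
    // enumeration; consider sending a fixed error code and keeping the detail in the log.
    RedirectStrategy redirectStrategy = new DefaultRedirectStrategy();
    redirectStrategy.sendRedirect(request, response, errorUrl);

    // The original built this URL without the '=' after "error"; both calls now share one value.
    // NOTE(review): this stores per-request text on the handler instance. If the handler is
    // shared between requests (presumably it is a singleton bean), concurrent failures will
    // overwrite each other's value; confirm that anything still reads it.
    setDefaultFailureUrl(errorUrl);

    // Disabled in the original and left disabled here:
    //  - setRedirectStrategy(redirectStrategy)
    //  - a per-exception-type dispatch (UsernameNotFoundException, DisabledException,
    //    BadCredentialsException, SessionAuthenticationException, InvalidCookieException)
    //    that logged the cause and could pick a different failure URL for each
    //  - super.onAuthenticationFailure(request, response, exception), which would continue
    //    with the default flow and redirect according to the failure
}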
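/**
 * Sets the redirect strategy, accepting only a {@link RecaptchaAwareRedirectStrategy}.
 *
 * <p>Any other strategy is refused, so a caller cannot replace the reCAPTCHA-aware redirect
 * behaviour with a plain one through this setter.
 *
 * @param redirectStrategy the strategy to install; must be a RecaptchaAwareRedirectStrategy
 * @throws IllegalArgumentException if the argument is null or of any other type
 */
@Override
public void setRedirectStrategy(RedirectStrategy redirectStrategy) {
    // instanceof is false for null, so a null argument is rejected with the same
    // IllegalArgumentException instead of failing with a NullPointerException on getClass().
    if (!(redirectStrategy instanceof RecaptchaAwareRedirectStrategy)) {
        throw new IllegalArgumentException(
                "Invalid redirect strategy. Redirect strategy must be an instance of "
                        + RecaptchaAwareRedirectStrategy.class.getName()
                        + " but is " + redirectStrategy);
    }
    super.setRedirectStrategy(redirectStrategy);
}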
/**
 * Tests how the success handler builds the redirect target from the callback URL.
 *
 * <p>Two cases are pinned by the expected strings: a callback without a query string gets
 * {@code ?oauth_token=...&oauth_verifier=...} appended, and a callback that already has a
 * query string gets the same two parameters appended with {@code &}.
 */
@Test
public void testAuthenticationSuccess() throws Exception {
    HttpServletRequest servletRequest = mock(HttpServletRequest.class);
    HttpServletResponse servletResponse = mock(HttpServletResponse.class);
    RedirectStrategy strategy = mock(RedirectStrategy.class);

    // Case 1: the callback URL has no query string yet.
    UserAuthorizationSuccessfulAuthenticationHandler plainCallbackHandler =
            new UserAuthorizationSuccessfulAuthenticationHandler();
    plainCallbackHandler.setRedirectStrategy(strategy);
    when(servletRequest.getAttribute(UserAuthorizationProcessingFilter.CALLBACK_ATTRIBUTE))
            .thenReturn("http://my.host.com/my/context");
    when(servletRequest.getAttribute(UserAuthorizationProcessingFilter.VERIFIER_ATTRIBUTE))
            .thenReturn("myver");
    when(servletRequest.getParameter("requestToken")).thenReturn("mytok");

    plainCallbackHandler.onAuthenticationSuccess(servletRequest, servletResponse, null);

    verify(strategy).sendRedirect(servletRequest, servletResponse,
            "http://my.host.com/my/context?oauth_token=mytok&oauth_verifier=myver");

    // Case 2: the callback URL already carries query parameters.
    UserAuthorizationSuccessfulAuthenticationHandler queryCallbackHandler =
            new UserAuthorizationSuccessfulAuthenticationHandler();
    queryCallbackHandler.setRedirectStrategy(strategy);
    when(servletRequest.getAttribute(UserAuthorizationProcessingFilter.CALLBACK_ATTRIBUTE))
            .thenReturn("http://my.hosting.com/my/context?with=some&query=parameter");
    when(servletRequest.getAttribute(UserAuthorizationProcessingFilter.VERIFIER_ATTRIBUTE))
            .thenReturn("myvera");
    when(servletRequest.getParameter("requestToken")).thenReturn("mytoka");

    queryCallbackHandler.onAuthenticationSuccess(servletRequest, servletResponse, null);

    verify(strategy).sendRedirect(servletRequest, servletResponse,
            "http://my.hosting.com/my/context?with=some&query=parameter&oauth_token=mytoka&oauth_verifier=myvera");
}
/**
 * When the OpenID manager reports that the request is not an OpenID request, the handler
 * must redirect exactly once to its configured default target URL.
 */
@Test
public void shouldRedirectToDefaultTargetUrlWhenNoOpenIdRequestGiven() throws Exception {
    // Given: the request is not recognised as an OpenID request.
    when(openIdManagerMock.isOpenIdRequest(requestMock)).thenReturn(false);

    RedirectStrategy redirectStrategy = Mockito.mock(RedirectStrategy.class);
    OpenIdAuthenticationSuccessHandler successHandler =
            new OpenIdAuthenticationSuccessHandler(openIdManagerMock);
    successHandler.setRedirectStrategy(redirectStrategy);
    successHandler.setDefaultTargetUrl("/loginFailed.html");

    // When
    successHandler.onAuthenticationSuccess(requestMock, responseMock, authenticationMock);

    // Then: one redirect, to the default target.
    verify(redirectStrategy, times(1)).sendRedirect(requestMock, responseMock, "/loginFailed.html");
}
/**
 * Creates the filter from its four collaborators.
 *
 * <p>Every argument is passed through {@code requireNonNull} before it is stored, so the
 * filter cannot be built with a missing collaborator (presumably failing with a
 * {@code NullPointerException}; confirm which {@code requireNonNull} is statically imported).
 *
 * @param authenticationSettings         authentication settings kept by the filter
 * @param twoFactorAuthenticationService two-factor authentication service kept by the filter
 * @param redirectStrategy               redirect strategy kept by the filter
 * @param userAccountService             user account service kept by the filter
 */
public TwoFactorAuthenticationFilter(AuthenticationSettings authenticationSettings,
        TwoFactorAuthenticationService twoFactorAuthenticationService,
        RedirectStrategy redirectStrategy,
        UserAccountService userAccountService) {
    // Check all collaborators first, in declaration order, then store them.
    requireNonNull(authenticationSettings);
    requireNonNull(twoFactorAuthenticationService);
    requireNonNull(redirectStrategy);
    requireNonNull(userAccountService);

    this.authenticationSettings = authenticationSettings;
    this.twoFactorAuthenticationService = twoFactorAuthenticationService;
    this.redirectStrategy = redirectStrategy;
    this.userAccountService = userAccountService;
}
/**
 * Creates the controller from its five collaborators.
 *
 * <p>Every argument is passed through {@code requireNonNull} before it is stored, so the
 * controller cannot be built with a missing collaborator (presumably failing with a
 * {@code NullPointerException}; confirm which {@code requireNonNull} is statically imported).
 *
 * @param accountService         account service kept by the controller
 * @param captchaService         captcha service kept by the controller
 * @param redirectStrategy       redirect strategy kept by the controller
 * @param authenticationSettings authentication settings kept by the controller
 * @param userFactory            user factory kept by the controller
 */
public AccountController(AccountService accountService,
        CaptchaService captchaService,
        RedirectStrategy redirectStrategy,
        AuthenticationSettings authenticationSettings,
        UserFactory userFactory) {
    // Check all collaborators first, in declaration order, then store them.
    requireNonNull(accountService);
    requireNonNull(captchaService);
    requireNonNull(redirectStrategy);
    requireNonNull(authenticationSettings);
    requireNonNull(userFactory);

    this.accountService = accountService;
    this.captchaService = captchaService;
    this.redirectStrategy = redirectStrategy;
    this.authenticationSettings = authenticationSettings;
    this.userFactory = userFactory;
}
/**
 * Replaces the {@code redirectStrategy} field of this object.
 *
 * @param redirectStrategy the strategy to store; it is not validated here, so {@code null}
 *                         is stored as given
 */
public void setRedirectStrategy(RedirectStrategy redirectStrategy) {
    this.redirectStrategy = redirectStrategy;
}
/**
 * Returns the redirect strategy currently held by this object.
 *
 * @return the value of the {@code redirectStrategy} field, exactly as stored
 */
protected RedirectStrategy getRedirectStrategy() {
    return this.redirectStrategy;
}
/**
 * Gives subclasses access to the redirect strategy held by this object.
 *
 * @return the value of the {@code redirectStrategy} field, exactly as stored
 */
protected RedirectStrategy getRedirectStrategy() {
    return redirectStrategy;
}
/**
 * Allows overriding of the behaviour when redirecting to a target URL.
 *
 * @param redirectStrategy the strategy to store in the {@code redirectStrategy} field; it is
 *                         not validated here, so {@code null} is stored as given
 */
public void setRedirectStrategy(RedirectStrategy redirectStrategy) {
    this.redirectStrategy = redirectStrategy;
}
/**
 * Builds the authentication failure handler.
 *
 * <p>Every failure is sent through a {@code FailureRedirectStrategy} to the fixed URL
 * {@code /login?error}. The target is a constant: the exception passed to the handler is
 * ignored, so none of its text ends up in the redirect URL.
 *
 * @return a handler that redirects each failed authentication to {@code /login?error}
 */
private AuthenticationFailureHandler failureHandler() {
    final RedirectStrategy failureRedirect = new FailureRedirectStrategy();
    final String failureUrl = "/login?error";
    return (request, response, exception) -> {
        failureRedirect.sendRedirect(request, response, failureUrl);
    };
}
/**
 * Returns the redirect strategy currently held by this object.
 *
 * @return the value of the {@code redirectStrategy} field, exactly as stored
 */
public RedirectStrategy getRedirectStrategy() {
    return this.redirectStrategy;
}
/**
 * Replaces the {@code redirectStrategy} field of this object.
 *
 * @param redirectStrategy the strategy to store; it is not validated here, so {@code null}
 *                         is stored as given
 */
public void setRedirectStrategy(final RedirectStrategy redirectStrategy) {
    this.redirectStrategy = redirectStrategy;
}