
package org.springframework.security.web.authentication;

import java.io.IOException;
import java.lang.reflect.Method;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.springframework.security.core.AuthenticationException;
import org.springframework.util.Assert;
import org.springframework.util.ClassUtils;
import org.springframework.util.ReflectionUtils;
import org.springframework.util.StringUtils;
import org.springframework.web.servlet.support.ServletUriComponentsBuilder;
import org.springframework.web.util.UriComponentsBuilder;

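/**
 * Authentication failure handler that extends {@link SimpleUrlAuthenticationFailureHandler}
 * with two behaviours:
 * <ul>
 *   <li>if the thrown exception exposes a {@code getRedirectUrl()} method returning a
 *       {@code String}, the client is redirected to that URL;</li>
 *   <li>otherwise, when a target-URL parameter name is configured, the value of that
 *       request query parameter is carried over onto the failure URL.</li>
 * </ul>
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The URL returned by {@code getRedirectUrl()} is handed to the redirect strategy
 *       without any validation in this class. Exception types that expose this method
 *       must build the URL from trusted configuration, not from request data, otherwise
 *       the login failure path becomes an open redirect.</li>
 *   <li>The target-URL parameter value is read from the request and is therefore
 *       attacker-controlled. This handler only copies it as a query parameter; whatever
 *       later consumes that parameter (for example the login page or a success handler)
 *       has to validate it before redirecting to it.</li>
 * </ul>
 */
public class SimpleUrlAuthenticationFailureHandlerCustom extends SimpleUrlAuthenticationFailureHandler {
  // Copy of the failure URL used by onAuthenticationFailure; kept in sync with the
  // superclass through the constructor and setDefaultFailureUrl.
  private String defaultFailureUrl;
  // Name of the request query parameter to propagate; null disables propagation.
  private String targetUrlParameter = null;

  /**
   * @param defaultFailureUrl URL to forward or redirect to when authentication fails
   */
  public SimpleUrlAuthenticationFailureHandlerCustom(String defaultFailureUrl) {
    super(defaultFailureUrl);
    this.defaultFailureUrl = defaultFailureUrl;
  }

  /**
   * Updates the failure URL in both the superclass and this class.
   *
   * <p>Without this override a call to the inherited setter would change only the
   * superclass state, and {@link #onAuthenticationFailure} would keep using the URL
   * given to the constructor. The superclass setter runs first so that any validation
   * it performs rejects the value before the local copy is touched. The method only
   * assigns a field, so it is safe even if invoked before this class's constructor
   * body has run.
   *
   * @param defaultFailureUrl the new failure URL
   */
  @Override
  public void setDefaultFailureUrl(String defaultFailureUrl) {
    super.setDefaultFailureUrl(defaultFailureUrl);
    this.defaultFailureUrl = defaultFailureUrl;
  }

  /**
   * Handles a failed authentication attempt.
   *
   * <p>Order of precedence: redirect URL supplied by the exception, then a 401 response
   * when no failure URL is configured, then a forward or redirect to the failure URL.
   *
   * @param request the request during which authentication failed
   * @param response the response to write the error, forward or redirect to
   * @param exception the exception describing the failure
   * @throws IOException if sending the error or redirect fails
   * @throws ServletException if the forward fails
   */
  @Override
  public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response, AuthenticationException exception) throws IOException, ServletException {
    // NOTE(review): the exception message is written to the log as-is; if providers put
    // user-supplied values (e.g. the submitted username) into it, the log sink should
    // neutralise line breaks. Confirm against the providers in use.
    if (logger.isTraceEnabled()) {
      logger.trace(exception.getMessage(), exception);
    }
    else if (logger.isWarnEnabled()) {
      logger.warn(exception.getMessage());
    }

    // Duck-typed lookup: any exception class with a public getRedirectUrl() returning
    // a String takes over the redirect target. The value is not validated here.
    Method redirectGetter = ClassUtils.getMethodIfAvailable(exception.getClass(), "getRedirectUrl");
    if (redirectGetter != null) {
      Object redirectUrl = ReflectionUtils.invokeMethod(redirectGetter, exception);
      if (redirectUrl instanceof String) {
        getRedirectStrategy().sendRedirect(request, response, (String) redirectUrl);
        return;
      }
    }

    if (this.defaultFailureUrl == null) {
      logger.debug("No failure URL set, sending 401 Unauthorized error");
      // The exception message is part of the error sent to the client; whether it is
      // rendered depends on the container's error page configuration.
      response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Authentication Failed: " + exception.getMessage());
      return;
    }

    saveException(request, exception);

    if (isUseForward()) {
      logger.debug("Forwarding to " + this.defaultFailureUrl);
      request.getRequestDispatcher(this.defaultFailureUrl).forward(request, response);
      return;
    }

    String failureUrl = this.defaultFailureUrl;
    if (this.targetUrlParameter != null) {
      // Read the parameter from the current request's query string and, when present,
      // append it to the failure URL under the same name. The value is untrusted input.
      UriComponentsBuilder requestUri = ServletUriComponentsBuilder.fromRequest(request);
      String targetUrl = requestUri.build().getQueryParams().getFirst(this.targetUrlParameter);
      if (StringUtils.hasText(targetUrl)) {
        failureUrl = UriComponentsBuilder.fromUriString(failureUrl).queryParam(this.targetUrlParameter, targetUrl).build().toUriString();
      }
    }
    logger.debug("Redirecting to " + failureUrl);
    getRedirectStrategy().sendRedirect(request, response, failureUrl);
  }

  /**
   * Sets the name of the request query parameter whose value is propagated to the
   * failure URL on redirect.
   *
   * @param targetUrlParameter the parameter name, or {@code null} to disable propagation
   * @throws IllegalArgumentException if the name is non-null but has no text
   */
  public void setTargetUrlParameter(String targetUrlParameter) {
    if (targetUrlParameter != null) {
      Assert.hasText(targetUrlParameter, "TargetUrl parameter must not be null or empty!");
    }
    this.targetUrlParameter = targetUrlParameter;
  }
}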



