下面列出了 org.springframework.security.core.AuthenticationException#getCause() 的实例代码。
/**
 * Rejects the request with a 403 status and a small JSON body of the form
 * {@code {"error": <message>}}.
 *
 * <p>The message is taken from the exception's cause when one is present, otherwise from the
 * exception itself.
 *
 * @param httpServletRequest the request that failed authentication (not read here)
 * @param httpServletResponse the response that receives the status, content type and body
 * @param e the authentication failure being reported
 * @throws IOException if serialising the body or writing to the response fails
 * @throws ServletException declared by the overridden method; not thrown by the visible code
 */
@Override
public void commence(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationException e)
        throws IOException, ServletException {
    httpServletResponse.setStatus(SC_FORBIDDEN);
    httpServletResponse.setContentType(MediaType.APPLICATION_JSON_VALUE);

    // Prefer the underlying cause's text; fall back to the exception's own message.
    // NOTE(review): this text is returned verbatim to an unauthenticated caller. Causes raised
    // by lower layers can carry internal detail, so consider logging it server-side and
    // returning a fixed, generic message instead.
    final Throwable rootCause = e.getCause();
    final String detail = (rootCause == null) ? e.getMessage() : rootCause.getMessage();

    // Serialise before touching the output stream, so a serialisation failure leaves the
    // response body untouched.
    final byte[] payload = new ObjectMapper()
            .writeValueAsBytes(Collections.singletonMap("error", detail));
    httpServletResponse.getOutputStream().write(payload);
}
/**
 * Translates an authentication failure into an {@code ErrorCode} and hands it to
 * {@code sendErrorXml} for rendering.
 *
 * @param request the request that failed authentication
 * @param response the response passed on to {@code sendErrorXml}
 * @param exception the authentication failure being reported
 * @throws IOException declared by the overridden method (presumably raised by sendErrorXml)
 * @throws ServletException declared by the overridden method
 */
@Override
public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response,
        AuthenticationException exception) throws IOException, ServletException {
    final Throwable cause = exception.getCause();
    // Only an APIException cause carries its own error code; any other cause, or no cause at
    // all, is reported as NOT_AUTHENTICATED.
    // NOTE(review): the APIException code reaches the caller as-is. Confirm the codes exposed
    // on this path do not tell a caller why the credentials were rejected.
    final ErrorCode errorCode = (cause instanceof APIException)
            ? ((APIException) cause).getError()
            : ErrorCode.NOT_AUTHENTICATED;
    sendErrorXml(request, response, errorCode);
}
/**
 * Logs the failure and writes a JSON failure result whose code and text depend on the type of
 * the exception's cause.
 *
 * <p>The client-facing texts are fixed strings; the exception's own message is only logged.
 *
 * @param request the request that failed authentication (not read here)
 * @param response the response that receives the JSON body
 * @param authException the authentication failure being reported
 * @throws IOException if obtaining the writer or writing the body fails
 * @throws ServletException declared by the overridden method; not thrown by the visible code
 */
@Override
public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authException) throws IOException, ServletException {
    // NOTE(review): only the message is logged, so the stack trace and the cause are lost.
    // If the message can contain request-supplied text, make sure the log sink neutralises
    // line breaks.
    log.error(authException.getMessage());
    response.setCharacterEncoding("UTF-8");
    response.setContentType("application/json;charset=UTF-8");

    final Throwable cause = authException.getCause();
    final String message;
    boolean forbidden = false;
    if (cause instanceof InvalidTokenException) {
        message = "无效的 Access Token"; // "invalid access token"
    } else if (cause instanceof InvalidGrantException) {
        message = "无效的 Refresh Token"; // "invalid refresh token"
    } else if (cause instanceof AccessDeniedException) {
        forbidden = true;
        message = "权限不足无法访问"; // "insufficient permissions"
    } else {
        message = "尚未认证无法访问"; // "not authenticated"
    }

    // NOTE(review): no HTTP status is set in this method, so the error is visible only in the
    // JSON body. Unless something else in the chain sets 401/403, clients and intermediaries
    // that key on the status line will see the container default. Confirm that is intended.
    response.getWriter().print(JsonUtil.jsonObj2Str(
            Result.failure(forbidden ? ResponseCode.FORBIDDEN : ResponseCode.UNAUTHORIZED, message)));
}
/**
 * Invoked when the authentication provider throws an exception.
 */
@Override
protected void unsuccessfulAuthentication(HttpServletRequest request, HttpServletResponse response,
        AuthenticationException authException) throws IOException, ServletException {
    // Reports a failed authentication: a "token expired" response when the cause looks like an
    // AccountExpiredException, a generic "relogin" response otherwise.
    // NOTE(review): the parent implementation is not invoked here. Confirm that no cleanup it
    // would perform is needed on this path.
    Log.error("unsuccessfulAuthentication ==== {} ", authException);

    final Throwable cause = authException.getCause();
    // NOTE(review): this is a substring match on the fully-qualified class name, so any cause
    // whose class name contains the text is treated as an expiry. An instanceof check against
    // the intended exception type would be stricter.
    final boolean expired = cause != null
            && cause.getClass().getName().contains("AccountExpiredException");

    if (!expired) {
        AuthenticationUtils.setResponseMessage(response, AuthenticationUtils.UNAUTHORISE,
                "Authentication not successful, Please relogin ");
        return;
    }
    AuthenticationUtils.setResponseMessage(response, AuthenticationUtils.TOKEN_EXPIRE_CODE, "Token Expire ");
}
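/**
 * Answers an unauthenticated request with HTTP 401 and a Basic challenge for the configured
 * realm, then writes the failure text to the response body.
 *
 * <p>The body is the exception's message, followed by {@code " : "} and the cause's message
 * when the cause has one.
 *
 * @param request the request that failed authentication (not read here)
 * @param response the response that receives the challenge header, status and body
 * @param authException the authentication failure being reported
 * @throws IOException if writing to the response output stream fails
 */
@Override
public void commence(HttpServletRequest request, HttpServletResponse response,
        AuthenticationException authException) throws IOException {
    response.addHeader(HttpHeaders.WWW_AUTHENTICATE, "Basic realm=\"" + getRealmName() + "\"");
    response.setStatus(HttpStatus.UNAUTHORIZED.value());

    String errorMessage = authException.getMessage();
    Throwable cause = authException.getCause();
    String causeMessage = (cause == null) ? null : cause.getMessage();
    // A Throwable may carry no message. Without this guard the replace() call below would
    // throw a NullPointerException and the 401 would turn into a server error.
    if (causeMessage != null) {
        // LDAP error messages have been seen to contain NUL (U+0000) characters. We remove them:
        errorMessage += " : " + causeMessage.replace("\u0000", "");
    }
    // NOTE(review): the cause text (for example a directory server error) is sent to an
    // unauthenticated caller and may reveal backend detail. Consider logging it server-side
    // and returning a generic message. This method also sets no Content-Type, so an explicit
    // text/plain would stop a client interpreting the body as markup.
    response.getOutputStream().println(errorMessage);
}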