org.springframework.security.web.authentication
Class SimpleUrlAuthenticationFailureHandler

java.lang.Object
  org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler

All Implemented Interfaces:

AuthenticationFailureHandler

Direct Known Subclasses:

ExceptionMappingAuthenticationFailureHandler

public class SimpleUrlAuthenticationFailureHandler
extends Object
implements AuthenticationFailureHandler

AuthenticationFailureHandler which performs a redirect to the value of the defaultFailureUrl property when the onAuthenticationFailure method is called. If the property has not been set it will send a 401 response to the client, with the error message from the AuthenticationException which caused the failure.

If the forwardToDestination parameter is set, a RequestDispatcher.forward call will be made to the destination instead of a redirect.

Since:

3.0

Version:

$Id: SimpleUrlAuthenticationFailureHandler.java 4076 2009-12-18 19:29:36Z ltaylor $

Author:

Luke Taylor

Field Summary

protected org.apache.commons.logging.Log

logger

Constructor Summary

SimpleUrlAuthenticationFailureHandler()

SimpleUrlAuthenticationFailureHandler(String defaultFailureUrl)

Method Summary

protected RedirectStrategy	getRedirectStrategy()
protected boolean	isUseForward()
void	onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response, AuthenticationException exception) Called when an authentication attempt fails.
void	setDefaultFailureUrl(String defaultFailureUrl) The URL which will be used as the failure destination.
void	setRedirectStrategy(RedirectStrategy redirectStrategy) Allows overriding of the behaviour when redirecting to a target URL.
void	setUseForward(boolean forwardToDestination) If set to true, performs a forward to the failure destination URL instead of a redirect.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

logger

protected final org.apache.commons.logging.Log logger

Constructor Detail

SimpleUrlAuthenticationFailureHandler

public SimpleUrlAuthenticationFailureHandler()

SimpleUrlAuthenticationFailureHandler

public SimpleUrlAuthenticationFailureHandler(String defaultFailureUrl)

Method Detail

onAuthenticationFailure

public void onAuthenticationFailure(HttpServletRequest request,
                                    HttpServletResponse response,
                                    AuthenticationException exception)
                             throws IOException,
                                    ServletException

Description copied from interface: AuthenticationFailureHandler

Called when an authentication attempt fails.

Specified by:

onAuthenticationFailure in interface AuthenticationFailureHandler

Parameters:

request - the request during which the authentication attempt occurred.

response - the response.

exception - the exception which was thrown to reject the authentication request.

Throws:

IOException

ServletException

setDefaultFailureUrl

public void setDefaultFailureUrl(String defaultFailureUrl)

The URL which will be used as the failure destination.

Parameters:

defaultFailureUrl - the failure URL, for example "/loginFailed.jsp".

isUseForward

protected boolean isUseForward()

setUseForward

public void setUseForward(boolean forwardToDestination)

If set to true, performs a forward to the failure destination URL instead of a redirect. Defaults to false.

setRedirectStrategy

public void setRedirectStrategy(RedirectStrategy redirectStrategy)

Allows overriding of the behaviour when redirecting to a target URL.

getRedirectStrategy

protected RedirectStrategy getRedirectStrategy()