public class SimpleUrlAuthenticationFailureHandler extends Object implements AuthenticationFailureHandler
defaultFailureUrl
property when the
onAuthenticationFailure method is called. If the property has not been set it
will send a 401 response to the client, with the error message from the
AuthenticationException which caused the failure.
If the useForward
property is set, a RequestDispatcher.forward
call
will be made to the destination instead of a redirect.
Modifier and Type | Field and Description |
---|---|
protected org.apache.commons.logging.Log |
logger |
Constructor and Description |
---|
SimpleUrlAuthenticationFailureHandler() |
SimpleUrlAuthenticationFailureHandler(String defaultFailureUrl) |
Modifier and Type | Method and Description |
---|---|
protected RedirectStrategy |
getRedirectStrategy() |
protected boolean |
isAllowSessionCreation() |
protected boolean |
isUseForward() |
void |
onAuthenticationFailure(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response,
AuthenticationException exception)
Performs the redirect or forward to the
defaultFailureUrl if set, otherwise
returns a 401 error code. |
protected void |
saveException(javax.servlet.http.HttpServletRequest request,
AuthenticationException exception)
Caches the
AuthenticationException for use in view rendering. |
void |
setAllowSessionCreation(boolean allowSessionCreation) |
void |
setDefaultFailureUrl(String defaultFailureUrl)
The URL which will be used as the failure destination.
|
void |
setRedirectStrategy(RedirectStrategy redirectStrategy)
Allows overriding of the behaviour when redirecting to a target URL.
|
void |
setUseForward(boolean forwardToDestination)
If set to true, performs a forward to the failure destination URL instead
of a redirect.
|
public SimpleUrlAuthenticationFailureHandler()
public SimpleUrlAuthenticationFailureHandler(String defaultFailureUrl)
public void onAuthenticationFailure(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, AuthenticationException exception) throws IOException, javax.servlet.ServletException
defaultFailureUrl
if set, otherwise
returns a 401 error code.
If redirecting or forwarding, saveException
will be called to cache the
exception for use in the target view.
onAuthenticationFailure
in interface AuthenticationFailureHandler
request
- the request during which the authentication attempt occurred.response
- the response.exception
- the exception which was thrown to reject the authentication
request.IOException
javax.servlet.ServletException
protected final void saveException(javax.servlet.http.HttpServletRequest request, AuthenticationException exception)
AuthenticationException
for use in view rendering.
If forwardToDestination
is set to true, request scope will be used,
otherwise it will attempt to store the exception in the session. If there is no
session and allowSessionCreation
is true
a session will be created.
Otherwise the exception will not be stored.
public void setDefaultFailureUrl(String defaultFailureUrl)
defaultFailureUrl
- the failure URL, for example "/loginFailed.jsp".protected boolean isUseForward()
public void setUseForward(boolean forwardToDestination)
public void setRedirectStrategy(RedirectStrategy redirectStrategy)
protected RedirectStrategy getRedirectStrategy()
protected boolean isAllowSessionCreation()
public void setAllowSessionCreation(boolean allowSessionCreation)