Example 1 with SimpleUrlAuthenticationFailureHandler
use of org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler in project spring-security by spring-projects.
the class AbstractAuthenticationFilterConfigurer method failureUrl.
/**
* The URL to send users if authentication fails. This is a shortcut for invoking
* {@link #failureHandler(AuthenticationFailureHandler)}. The default is
* "/login?error".
*
* @param authenticationFailureUrl the URL to send users if authentication fails (i.e.
* "/login?error").
* @return the {@link FormLoginConfigurer} for additional customization
*/
public final T failureUrl(String authenticationFailureUrl) {
T result = failureHandler(new SimpleUrlAuthenticationFailureHandler(authenticationFailureUrl));
this.failureUrl = authenticationFailureUrl;
return result;
}
Also used :
SimpleUrlAuthenticationFailureHandler(org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler)
Example 2 with SimpleUrlAuthenticationFailureHandler
use of org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler in project spring-security by spring-projects.
the class SessionManagementConfigurer method configure.
@Override
public void configure(H http) throws Exception {
SecurityContextRepository securityContextRepository = http.getSharedObject(SecurityContextRepository.class);
SessionManagementFilter sessionManagementFilter = new SessionManagementFilter(securityContextRepository, getSessionAuthenticationStrategy(http));
if (this.sessionAuthenticationErrorUrl != null) {
sessionManagementFilter.setAuthenticationFailureHandler(new SimpleUrlAuthenticationFailureHandler(this.sessionAuthenticationErrorUrl));
}
InvalidSessionStrategy strategy = getInvalidSessionStrategy();
if (strategy != null) {
sessionManagementFilter.setInvalidSessionStrategy(strategy);
}
AuthenticationFailureHandler failureHandler = getSessionAuthenticationFailureHandler();
if (failureHandler != null) {
sessionManagementFilter.setAuthenticationFailureHandler(failureHandler);
}
AuthenticationTrustResolver trustResolver = http.getSharedObject(AuthenticationTrustResolver.class);
if (trustResolver != null) {
sessionManagementFilter.setTrustResolver(trustResolver);
}
sessionManagementFilter = postProcess(sessionManagementFilter);
http.addFilter(sessionManagementFilter);
if (isConcurrentSessionControlEnabled()) {
ConcurrentSessionFilter concurrentSessionFilter = createConccurencyFilter(http);
concurrentSessionFilter = postProcess(concurrentSessionFilter);
http.addFilter(concurrentSessionFilter);
}
}
Also used :
SessionManagementFilter(org.springframework.security.web.session.SessionManagementFilter)
ConcurrentSessionFilter(org.springframework.security.web.session.ConcurrentSessionFilter)
SimpleRedirectInvalidSessionStrategy(org.springframework.security.web.session.SimpleRedirectInvalidSessionStrategy)
InvalidSessionStrategy(org.springframework.security.web.session.InvalidSessionStrategy)
AuthenticationTrustResolver(org.springframework.security.authentication.AuthenticationTrustResolver)
NullSecurityContextRepository(org.springframework.security.web.context.NullSecurityContextRepository)
HttpSessionSecurityContextRepository(org.springframework.security.web.context.HttpSessionSecurityContextRepository)
SecurityContextRepository(org.springframework.security.web.context.SecurityContextRepository)
SimpleUrlAuthenticationFailureHandler(org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler)
AuthenticationFailureHandler(org.springframework.security.web.authentication.AuthenticationFailureHandler)
SimpleUrlAuthenticationFailureHandler(org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler)
Example 3 with SimpleUrlAuthenticationFailureHandler
use of org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler in project spring-security by spring-projects.
the class SwitchUserFilter method afterPropertiesSet.
// ~ Methods
// ========================================================================================================
@Override
public void afterPropertiesSet() {
Assert.notNull(this.userDetailsService, "userDetailsService must be specified");
Assert.isTrue(this.successHandler != null || this.targetUrl != null, "You must set either a successHandler or the targetUrl");
if (this.targetUrl != null) {
Assert.isNull(this.successHandler, "You cannot set both successHandler and targetUrl");
this.successHandler = new SimpleUrlAuthenticationSuccessHandler(this.targetUrl);
}
if (this.failureHandler == null) {
this.failureHandler = this.switchFailureUrl == null ? new SimpleUrlAuthenticationFailureHandler() : new SimpleUrlAuthenticationFailureHandler(this.switchFailureUrl);
} else {
Assert.isNull(this.switchFailureUrl, "You cannot set both a switchFailureUrl and a failureHandler");
}
}
Also used :
SimpleUrlAuthenticationSuccessHandler(org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler)
SimpleUrlAuthenticationFailureHandler(org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler)
Example 4 with SimpleUrlAuthenticationFailureHandler
use of org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler in project spring-security-oauth by spring-projects.
the class AuthorizationServerBeanDefinitionParserTests method filterUsesConfiguredFailureHandler.
@Test
public void filterUsesConfiguredFailureHandler() throws Exception {
final Field failureHandlerField = AbstractAuthenticationProcessingFilter.class.getDeclaredField("failureHandler");
ReflectionUtils.makeAccessible(failureHandlerField);
AuthenticationFailureHandler failureHandler = (AuthenticationFailureHandler) ReflectionUtils.getField(failureHandlerField, filter);
assertTrue("failure handler should be a simpleUrlFailureHandler", failureHandler instanceof SimpleUrlAuthenticationFailureHandler);
final Field failureUrlField = SimpleUrlAuthenticationFailureHandler.class.getDeclaredField("defaultFailureUrl");
ReflectionUtils.makeAccessible(failureUrlField);
String failureUrl = (String) ReflectionUtils.getField(failureUrlField, failureHandler);
assertEquals("failure URL should be the configured url", "/oauth/confirm_access", failureUrl);
}
Also used :
Field(java.lang.reflect.Field)
SimpleUrlAuthenticationFailureHandler(org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler)
AuthenticationFailureHandler(org.springframework.security.web.authentication.AuthenticationFailureHandler)
SimpleUrlAuthenticationFailureHandler(org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler)
Test(org.junit.Test)
Aggregations
SimpleUrlAuthenticationFailureHandler (org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler)4
AuthenticationFailureHandler (org.springframework.security.web.authentication.AuthenticationFailureHandler)2
Field (java.lang.reflect.Field)1
Test (org.junit.Test)1
AuthenticationTrustResolver (org.springframework.security.authentication.AuthenticationTrustResolver)1
SimpleUrlAuthenticationSuccessHandler (org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler)1
HttpSessionSecurityContextRepository (org.springframework.security.web.context.HttpSessionSecurityContextRepository)1
NullSecurityContextRepository (org.springframework.security.web.context.NullSecurityContextRepository)1
SecurityContextRepository (org.springframework.security.web.context.SecurityContextRepository)1
ConcurrentSessionFilter (org.springframework.security.web.session.ConcurrentSessionFilter)1
InvalidSessionStrategy (org.springframework.security.web.session.InvalidSessionStrategy)1
SessionManagementFilter (org.springframework.security.web.session.SessionManagementFilter)1
SimpleRedirectInvalidSessionStrategy (org.springframework.security.web.session.SimpleRedirectInvalidSessionStrategy)1
