Contribution by Wesley Hall to improve exception handling.

2004-07-22 04:56:17 +00:00 · 2004-07-22 04:56:17 +00:00 · f798e56d75
parent 2996d67b06
commit f798e56d75
2 changed files with 126 additions and 1 deletions
--- a/core/src/main/java/org/acegisecurity/AuthenticationException.java
+++ b/core/src/main/java/org/acegisecurity/AuthenticationException.java
@ -24,6 +24,14 @@ package net.sf.acegisecurity;
 * @version $Id$
 */
 public abstract class AuthenticationException extends AcegiSecurityException {
+    //~ Instance fields ========================================================
+
+    /**
+     * The authentication that related to this exception (may be
+     * <code>null</code>)
+     */
+    private Authentication authentication;
+
    //~ Constructors ===========================================================

    /**
@ -46,4 +54,14 @@ public abstract class AuthenticationException extends AcegiSecurityException {
    public AuthenticationException(String msg) {
        super(msg);
    }
+
+    //~ Methods ================================================================
+
+    public void setAuthentication(Authentication authentication) {
+        this.authentication = authentication;
+    }
+
+    public Authentication getAuthentication() {
+        return authentication;
+    }
 }
--- a/core/src/main/java/org/acegisecurity/ui/AbstractProcessingFilter.java
+++ b/core/src/main/java/org/acegisecurity/ui/AbstractProcessingFilter.java
@ -18,6 +18,11 @@ package net.sf.acegisecurity.ui;
 import net.sf.acegisecurity.Authentication;
 import net.sf.acegisecurity.AuthenticationException;
 import net.sf.acegisecurity.AuthenticationManager;
+import net.sf.acegisecurity.AuthenticationServiceException;
+import net.sf.acegisecurity.BadCredentialsException;
+import net.sf.acegisecurity.DisabledException;
+import net.sf.acegisecurity.LockedException;
+import net.sf.acegisecurity.providers.cas.ProxyUntrustedException;
 import net.sf.acegisecurity.ui.webapp.HttpSessionIntegrationFilter;

 import org.apache.commons.logging.Log;
@ -95,9 +100,39 @@ public abstract class AbstractProcessingFilter implements Filter,

    private AuthenticationManager authenticationManager;

+    /**
+     * Where to redirect the browser if authentication fails due to incorrect
+     * credentials
+     */
+    private String authenticationCredentialCheckFailureUrl;
+
+    /**
+     * Where to redirect the browser if authentication fails due to the users
+     * account being disabled
+     */
+    private String authenticationDisabledFailureUrl;
+
    /** Where to redirect the browser to if authentication fails */
    private String authenticationFailureUrl;

+    /**
+     * Where to redirect the browser if authentication fails due to the users
+     * account being locked
+     */
+    private String authenticationLockedFailureUrl;
+
+    /**
+     * Where to redirect the browser if authentication fails due to the user's
+     * proxy being considered untrusted
+     */
+    private String authenticationProxyUntrustedFailureUrl;
+
+    /**
+     * Where to redirect the browser if authentication fails due to failure of
+     * the authentication service
+     */
+    private String authenticationServiceFailureUrl;
+
    /**
     * Where to redirect the browser to if authentication is successful but
     * ACEGI_SECURITY_TARGET_URL_KEY is <code>null</code>
@ -133,6 +168,24 @@ public abstract class AbstractProcessingFilter implements Filter,
    public abstract Authentication attemptAuthentication(
        HttpServletRequest request) throws AuthenticationException;

+    public void setAuthenticationCredentialCheckFailureUrl(
+        String authenticationCredentialCheckFailureUrl) {
+        this.authenticationCredentialCheckFailureUrl = authenticationCredentialCheckFailureUrl;
+    }
+
+    public String getAuthenticationCredentialCheckFailureUrl() {
+        return authenticationCredentialCheckFailureUrl;
+    }
+
+    public void setAuthenticationDisabledFailureUrl(
+        String authenticationDisabledFailureUrl) {
+        this.authenticationDisabledFailureUrl = authenticationDisabledFailureUrl;
+    }
+
+    public String getAuthenticationDisabledFailureUrl() {
+        return authenticationDisabledFailureUrl;
+    }
+
    public void setAuthenticationFailureUrl(String authenticationFailureUrl) {
        this.authenticationFailureUrl = authenticationFailureUrl;
    }
@ -141,6 +194,15 @@ public abstract class AbstractProcessingFilter implements Filter,
        return authenticationFailureUrl;
    }

+    public void setAuthenticationLockedFailureUrl(
+        String authenticationLockedFailureUrl) {
+        this.authenticationLockedFailureUrl = authenticationLockedFailureUrl;
+    }
+
+    public String getAuthenticationLockedFailureUrl() {
+        return authenticationLockedFailureUrl;
+    }
+
    public void setAuthenticationManager(
        AuthenticationManager authenticationManager) {
        this.authenticationManager = authenticationManager;
@ -150,6 +212,24 @@ public abstract class AbstractProcessingFilter implements Filter,
        return authenticationManager;
    }

+    public void setAuthenticationProxyUntrustedFailureUrl(
+        String authenticationProxyUntrustedFailureUrl) {
+        this.authenticationProxyUntrustedFailureUrl = authenticationProxyUntrustedFailureUrl;
+    }
+
+    public String getAuthenticationProxyUntrustedFailureUrl() {
+        return authenticationProxyUntrustedFailureUrl;
+    }
+
+    public void setAuthenticationServiceFailureUrl(
+        String authenticationServiceFailureUrl) {
+        this.authenticationServiceFailureUrl = authenticationServiceFailureUrl;
+    }
+
+    public String getAuthenticationServiceFailureUrl() {
+        return authenticationServiceFailureUrl;
+    }
+
    public void setDefaultTargetUrl(String defaultTargetUrl) {
        this.defaultTargetUrl = defaultTargetUrl;
    }
@ -216,6 +296,33 @@ public abstract class AbstractProcessingFilter implements Filter,
                authResult = attemptAuthentication(httpRequest);
            } catch (AuthenticationException failed) {
                // Authentication failed
+                String failureUrl = authenticationFailureUrl;
+
+                if (failed instanceof AuthenticationServiceException
+                    && (authenticationServiceFailureUrl != null)) {
+                    failureUrl = authenticationServiceFailureUrl;
+                }
+
+                if (failed instanceof BadCredentialsException
+                    && (this.authenticationCredentialCheckFailureUrl != null)) {
+                    failureUrl = authenticationCredentialCheckFailureUrl;
+                }
+
+                if (failed instanceof DisabledException
+                    && (authenticationDisabledFailureUrl != null)) {
+                    failureUrl = authenticationDisabledFailureUrl;
+                }
+
+                if (failed instanceof LockedException
+                    && (authenticationLockedFailureUrl != null)) {
+                    failureUrl = authenticationLockedFailureUrl;
+                }
+
+                if (failed instanceof ProxyUntrustedException
+                    && (authenticationProxyUntrustedFailureUrl != null)) {
+                    failureUrl = authenticationProxyUntrustedFailureUrl;
+                }
+
                if (logger.isDebugEnabled()) {
                    logger.debug("Authentication request failed: "
                        + failed.toString());
@ -226,7 +333,7 @@ public abstract class AbstractProcessingFilter implements Filter,
                httpRequest.getSession().setAttribute(HttpSessionIntegrationFilter.ACEGI_SECURITY_AUTHENTICATION_KEY,
                    null);
                httpResponse.sendRedirect(httpResponse.encodeRedirectURL(httpRequest
-                        .getContextPath() + authenticationFailureUrl));
+                        .getContextPath() + failureUrl));

                return;
            }