Contribution by Wesley Hall to improve exception handling.

Ben Alex 2004-07-22 04:56:17 +00:00
parent 2996d67b06
commit f798e56d75
2 changed files with 126 additions and 1 deletions


@ -24,6 +24,14 @@ package net.sf.acegisecurity;
* @version $Id$ * @version $Id$
*/ */
public abstract class AuthenticationException extends AcegiSecurityException { public abstract class AuthenticationException extends AcegiSecurityException {
//~ Instance fields ========================================================
/**
* The authentication that related to this exception (may be
* <code>null</code>)
*/
private Authentication authentication;
//~ Constructors =========================================================== //~ Constructors ===========================================================
/** /**
@ -46,4 +54,14 @@ public abstract class AuthenticationException extends AcegiSecurityException {
public AuthenticationException(String msg) { public AuthenticationException(String msg) {
super(msg); super(msg);
} }
//~ Methods ================================================================
public void setAuthentication(Authentication authentication) {
this.authentication = authentication;
}
public Authentication getAuthentication() {
return authentication;
}
} }
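Review bot: The new `authentication` field and its public `setAuthentication`/`getAuthentication` pair have no method Javadoc, so nothing states who is expected to set the value or that the exception now keeps the failed request object reachable. In this framework the Authentication request normally exposes the submitted credentials, so any handler that logs, serialises or stores the exception would presumably retain them as well; that is inferred, since no such handler is visible in this commit. I would document it on the accessor, e.g. `/** Failed authentication request, or null; may still hold the submitted credentials, so do not log or persist it. */`. The field comment should also read "that is related to this exception".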


@ -18,6 +18,11 @@ package net.sf.acegisecurity.ui;
import net.sf.acegisecurity.Authentication; import net.sf.acegisecurity.Authentication;
import net.sf.acegisecurity.AuthenticationException; import net.sf.acegisecurity.AuthenticationException;
import net.sf.acegisecurity.AuthenticationManager; import net.sf.acegisecurity.AuthenticationManager;
import net.sf.acegisecurity.AuthenticationServiceException;
import net.sf.acegisecurity.BadCredentialsException;
import net.sf.acegisecurity.DisabledException;
import net.sf.acegisecurity.LockedException;
import net.sf.acegisecurity.providers.cas.ProxyUntrustedException;
import net.sf.acegisecurity.ui.webapp.HttpSessionIntegrationFilter; import net.sf.acegisecurity.ui.webapp.HttpSessionIntegrationFilter;
import org.apache.commons.logging.Log; import org.apache.commons.logging.Log;
@ -95,9 +100,39 @@ public abstract class AbstractProcessingFilter implements Filter,
private AuthenticationManager authenticationManager; private AuthenticationManager authenticationManager;
/**
* Where to redirect the browser if authentication fails due to incorrect
* credentials
*/
private String authenticationCredentialCheckFailureUrl;
/**
* Where to redirect the browser if authentication fails due to the users
* account being disabled
*/
private String authenticationDisabledFailureUrl;
/** Where to redirect the browser to if authentication fails */ /** Where to redirect the browser to if authentication fails */
private String authenticationFailureUrl; private String authenticationFailureUrl;
/**
* Where to redirect the browser if authentication fails due to the users
* account being locked
*/
private String authenticationLockedFailureUrl;
/**
* Where to redirect the browser if authentication fails due to the user's
* proxy being considered untrusted
*/
private String authenticationProxyUntrustedFailureUrl;
/**
* Where to redirect the browser if authentication fails due to failure of
* the authentication service
*/
private String authenticationServiceFailureUrl;
/** /**
* Where to redirect the browser to if authentication is successful but * Where to redirect the browser to if authentication is successful but
* ACEGI_SECURITY_TARGET_URL_KEY is <code>null</code> * ACEGI_SECURITY_TARGET_URL_KEY is <code>null</code>
@ -133,6 +168,24 @@ public abstract class AbstractProcessingFilter implements Filter,
public abstract Authentication attemptAuthentication( public abstract Authentication attemptAuthentication(
HttpServletRequest request) throws AuthenticationException; HttpServletRequest request) throws AuthenticationException;
public void setAuthenticationCredentialCheckFailureUrl(
String authenticationCredentialCheckFailureUrl) {
this.authenticationCredentialCheckFailureUrl = authenticationCredentialCheckFailureUrl;
}
public String getAuthenticationCredentialCheckFailureUrl() {
return authenticationCredentialCheckFailureUrl;
}
public void setAuthenticationDisabledFailureUrl(
String authenticationDisabledFailureUrl) {
this.authenticationDisabledFailureUrl = authenticationDisabledFailureUrl;
}
public String getAuthenticationDisabledFailureUrl() {
return authenticationDisabledFailureUrl;
}
public void setAuthenticationFailureUrl(String authenticationFailureUrl) { public void setAuthenticationFailureUrl(String authenticationFailureUrl) {
this.authenticationFailureUrl = authenticationFailureUrl; this.authenticationFailureUrl = authenticationFailureUrl;
} }
@ -141,6 +194,15 @@ public abstract class AbstractProcessingFilter implements Filter,
return authenticationFailureUrl; return authenticationFailureUrl;
} }
public void setAuthenticationLockedFailureUrl(
String authenticationLockedFailureUrl) {
this.authenticationLockedFailureUrl = authenticationLockedFailureUrl;
}
public String getAuthenticationLockedFailureUrl() {
return authenticationLockedFailureUrl;
}
public void setAuthenticationManager( public void setAuthenticationManager(
AuthenticationManager authenticationManager) { AuthenticationManager authenticationManager) {
this.authenticationManager = authenticationManager; this.authenticationManager = authenticationManager;
@ -150,6 +212,24 @@ public abstract class AbstractProcessingFilter implements Filter,
return authenticationManager; return authenticationManager;
} }
public void setAuthenticationProxyUntrustedFailureUrl(
String authenticationProxyUntrustedFailureUrl) {
this.authenticationProxyUntrustedFailureUrl = authenticationProxyUntrustedFailureUrl;
}
public String getAuthenticationProxyUntrustedFailureUrl() {
return authenticationProxyUntrustedFailureUrl;
}
public void setAuthenticationServiceFailureUrl(
String authenticationServiceFailureUrl) {
this.authenticationServiceFailureUrl = authenticationServiceFailureUrl;
}
public String getAuthenticationServiceFailureUrl() {
return authenticationServiceFailureUrl;
}
public void setDefaultTargetUrl(String defaultTargetUrl) { public void setDefaultTargetUrl(String defaultTargetUrl) {
this.defaultTargetUrl = defaultTargetUrl; this.defaultTargetUrl = defaultTargetUrl;
} }
@ -216,6 +296,33 @@ public abstract class AbstractProcessingFilter implements Filter,
authResult = attemptAuthentication(httpRequest); authResult = attemptAuthentication(httpRequest);
} catch (AuthenticationException failed) { } catch (AuthenticationException failed) {
// Authentication failed // Authentication failed
String failureUrl = authenticationFailureUrl;
if (failed instanceof AuthenticationServiceException
&& (authenticationServiceFailureUrl != null)) {
failureUrl = authenticationServiceFailureUrl;
}
if (failed instanceof BadCredentialsException
&& (this.authenticationCredentialCheckFailureUrl != null)) {
failureUrl = authenticationCredentialCheckFailureUrl;
}
if (failed instanceof DisabledException
&& (authenticationDisabledFailureUrl != null)) {
failureUrl = authenticationDisabledFailureUrl;
}
if (failed instanceof LockedException
&& (authenticationLockedFailureUrl != null)) {
failureUrl = authenticationLockedFailureUrl;
}
if (failed instanceof ProxyUntrustedException
&& (authenticationProxyUntrustedFailureUrl != null)) {
failureUrl = authenticationProxyUntrustedFailureUrl;
}
if (logger.isDebugEnabled()) { if (logger.isDebugEnabled()) {
logger.debug("Authentication request failed: " logger.debug("Authentication request failed: "
+ failed.toString()); + failed.toString());
@ -226,7 +333,7 @@ public abstract class AbstractProcessingFilter implements Filter,
httpRequest.getSession().setAttribute(HttpSessionIntegrationFilter.ACEGI_SECURITY_AUTHENTICATION_KEY, httpRequest.getSession().setAttribute(HttpSessionIntegrationFilter.ACEGI_SECURITY_AUTHENTICATION_KEY,
null); null);
httpResponse.sendRedirect(httpResponse.encodeRedirectURL(httpRequest httpResponse.sendRedirect(httpResponse.encodeRedirectURL(httpRequest
.getContextPath() + authenticationFailureUrl)); .getContextPath() + failureUrl));
return; return;
} }
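Review bot: The per-cause redirect chosen in the catch block lets an unauthenticated client tell a wrong password from a disabled or locked account by the URL it is sent to, which confirms that a username exists and what state it is in. The generic `authenticationFailureUrl` remains the fallback while the specific URLs are null, so the disclosure is opt-in, but the field Javadoc should say so, e.g. `Setting this reveals account state to unauthenticated callers; leave null to fall back to authenticationFailureUrl.` The five independent `if` tests also mean the last matching type wins if the exception classes ever overlap; an `else if` chain ordered most-specific first would make the precedence explicit. The enclosing method starts and ends outside the hunk, and whether `authenticationFailureUrl` itself is checked for null before the redirect is not visible here.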