From bbcacc07bf50608ec7e97c97ba5445f213e17e76 Mon Sep 17 00:00:00 2001 From: DOHA Date: Mon, 14 Dec 2015 17:05:11 +0200 Subject: [PATCH] fix error message --- .../CustomAuthenticationFailureHandler.java | 44 +++++++++++++++++++ .../baeldung/spring/SecSecurityConfig.java | 5 +++ .../src/main/webapp/WEB-INF/view/login.jsp | 36 ++++----------- 3 files changed, 57 insertions(+), 28 deletions(-) create mode 100644 spring-security-login-and-registration/src/main/java/org/baeldung/security/CustomAuthenticationFailureHandler.java diff --git a/spring-security-login-and-registration/src/main/java/org/baeldung/security/CustomAuthenticationFailureHandler.java b/spring-security-login-and-registration/src/main/java/org/baeldung/security/CustomAuthenticationFailureHandler.java new file mode 100644 index 0000000000..8ae1ccf8bc --- /dev/null +++ b/spring-security-login-and-registration/src/main/java/org/baeldung/security/CustomAuthenticationFailureHandler.java @@ -0,0 +1,44 @@ +package org.baeldung.security; + +import java.io.IOException; +import java.util.Locale; + +import javax.servlet.ServletException; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.context.MessageSource; +import org.springframework.security.core.AuthenticationException; +import org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler; +import org.springframework.stereotype.Component; +import org.springframework.web.servlet.LocaleResolver; + +@Component +public class CustomAuthenticationFailureHandler extends SimpleUrlAuthenticationFailureHandler { + + @Autowired + private MessageSource messages; + + @Autowired + private LocaleResolver localeResolver; + + @Override + public void onAuthenticationFailure(final HttpServletRequest request, final HttpServletResponse response, final AuthenticationException exception) throws IOException, ServletException { + setDefaultFailureUrl("/login.html?error=true"); + + super.onAuthenticationFailure(request, response, exception); + + final Locale locale = localeResolver.resolveLocale(request); + + if (exception.getMessage().equalsIgnoreCase("User is disabled")) { + request.getSession().setAttribute("SPRING_SECURITY_LAST_EXCEPTION", messages.getMessage("auth.message.disabled", null, locale)); + } else if (exception.getMessage().equalsIgnoreCase("User account has expired")) { + request.getSession().setAttribute("SPRING_SECURITY_LAST_EXCEPTION", messages.getMessage("auth.message.expired", null, locale)); + } else if (exception.getMessage().equalsIgnoreCase("blocked")) { + request.getSession().setAttribute("SPRING_SECURITY_LAST_EXCEPTION", messages.getMessage("auth.message.blocked", null, locale)); + } else { + request.getSession().setAttribute("SPRING_SECURITY_LAST_EXCEPTION", messages.getMessage("message.badCredentials", null, locale)); + } + } +} \ No newline at end of file diff --git a/spring-security-login-and-registration/src/main/java/org/baeldung/spring/SecSecurityConfig.java b/spring-security-login-and-registration/src/main/java/org/baeldung/spring/SecSecurityConfig.java index 814ed92b33..4863187bba 100644 --- a/spring-security-login-and-registration/src/main/java/org/baeldung/spring/SecSecurityConfig.java +++ b/spring-security-login-and-registration/src/main/java/org/baeldung/spring/SecSecurityConfig.java @@ -13,6 +13,7 @@ import org.springframework.security.config.annotation.web.configuration.WebSecur import org.springframework.security.core.userdetails.UserDetailsService; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.security.crypto.password.PasswordEncoder; +import org.springframework.security.web.authentication.AuthenticationFailureHandler; import org.springframework.security.web.authentication.AuthenticationSuccessHandler; @Configuration @@ -26,6 +27,9 @@ public class SecSecurityConfig extends WebSecurityConfigurerAdapter { @Autowired private AuthenticationSuccessHandler myAuthenticationSuccessHandler; + @Autowired + private AuthenticationFailureHandler authenticationFailureHandler; + public SecSecurityConfig() { super(); } @@ -59,6 +63,7 @@ public class SecSecurityConfig extends WebSecurityConfigurerAdapter { .defaultSuccessUrl("/homepage.html") .failureUrl("/login.html?error=true") .successHandler(myAuthenticationSuccessHandler) + .failureHandler(authenticationFailureHandler) .usernameParameter("j_username") .passwordParameter("j_password") .permitAll() diff --git a/spring-security-login-and-registration/src/main/webapp/WEB-INF/view/login.jsp b/spring-security-login-and-registration/src/main/webapp/WEB-INF/view/login.jsp index d1be07060a..949b8164de 100644 --- a/spring-security-login-and-registration/src/main/webapp/WEB-INF/view/login.jsp +++ b/spring-security-login-and-registration/src/main/webapp/WEB-INF/view/login.jsp @@ -7,34 +7,7 @@ <%@ page session="true"%> - - - -
- -
-
- -
- -
-
- -
- -
-
- -
- - -
-
-
-
+ @@ -72,6 +45,13 @@ ${param.message} + + +
+${SPRING_SECURITY_LAST_EXCEPTION} +
+
+