Hi, I needed to add a new exception in the Spring Security login form. Everything works perfectly except that I want to have my own error message (until now it displays the "wrong
You should try LOCALIZING SPRING SECURITY MESSAGES.
Try adding these lines into your ApplicationContext.xml file, where the rest of your Spring Security beans are.
<bean id="messageSource" class="org.springframework.context.support.ResourceBundleMessageSource">
    <property name="basename" value="yourFolder/myMessages"/>
</bean>
You should find your Spring default class in which <KEY, MESSAGE> are stored. Have your myMessage file with the same KEYs and localized MESSAGEs.
messages.properties in your project. So all you need to do is to have a MESSAGE for each of these keys inside this property file, to have fully localized messages:
AbstractAccessDecisionManager.accessDenied= your message in any language
AbstractSecurityInterceptor.authenticationNotFound=
AbstractUserDetailsAuthenticationProvider.badCredentials=
AbstractUserDetailsAuthenticationProvider.credentialsExpired=
AbstractUserDetailsAuthenticationProvider.disabled=
AbstractUserDetailsAuthenticationProvider.expired=
AbstractUserDetailsAuthenticationProvider.locked=
AbstractUserDetailsAuthenticationProvider.onlySupports=
AccountStatusUserDetailsChecker.credentialsExpired=
AccountStatusUserDetailsChecker.disabled=
AccountStatusUserDetailsChecker.expired=
AccountStatusUserDetailsChecker.locked=
AclEntryAfterInvocationProvider.noPermission=
AnonymousAuthenticationProvider.incorrectKey=
BindAuthenticator.badCredentials=
BindAuthenticator.emptyPassword=
CasAuthenticationProvider.incorrectKey=
CasAuthenticationProvider.noServiceTicket=
ConcurrentSessionControlStrategy.exceededAllowed=
DigestAuthenticationFilter.incorrectRealm=
DigestAuthenticationFilter.incorrectResponse=
DigestAuthenticationFilter.missingAuth=
DigestAuthenticationFilter.missingMandatory=
DigestAuthenticationFilter.nonceCompromised=
DigestAuthenticationFilter.nonceEncoding=
DigestAuthenticationFilter.nonceExpired=
DigestAuthenticationFilter.nonceNotNumeric=
DigestAuthenticationFilter.nonceNotTwoTokens=
DigestAuthenticationFilter.usernameNotFound=
JdbcDaoImpl.noAuthority=
JdbcDaoImpl.notFound=
LdapAuthenticationProvider.badCredentials=
LdapAuthenticationProvider.credentialsExpired=
LdapAuthenticationProvider.disabled=
LdapAuthenticationProvider.expired=
LdapAuthenticationProvider.locked=
LdapAuthenticationProvider.emptyUsername=
LdapAuthenticationProvider.onlySupports=
PasswordComparisonAuthenticator.badCredentials=
PersistentTokenBasedRememberMeServices.cookieStolen=
ProviderManager.providerNotFound=
RememberMeAuthenticationProvider.incorrectKey=
RunAsImplAuthenticationProvider.incorrectKey=
SubjectDnX509PrincipalExtractor.noMatching=
SwitchUserFilter.noCurrentUser=
SwitchUserFilter.noOriginalAuthentication=
In your messages.properties (or whatever you named it), add a line like:
AbstractUserDetailsAuthenticationProvider.badCredentials=The credentials you supplied are invalid.
You don't need a CustomAuthenticationException.
A very simple way is defining your custom message in an exception handler (@ControllerAdvice), as follows:
@ResponseStatus(HttpStatus.UNAUTHORIZED)
@ResponseBody
@ExceptionHandler(value = AuthenticationException.class)
public ResponseModal handleAuthenticationExceptions(AuthenticationException ex, HttpServletResponse response) {
    LOGGER.info("Authentication Exception: {}", ex.getMessage());
    response.addCookie(new Cookie(JWTConfigurer.JWT_TOKEN_COOKIE, null));
    return new ResponseModal(HttpStatus.UNAUTHORIZED.value(), "whatever you want");
}
Create a property file on the classpath, like loginMessage.properties.
In that property file, specify
AbstractUserDetailsAuthenticationProvider.badCredentials=Username/Password entered is incorrect.
Add the following bean in your applicationContext.xml:
<bean id="messageSource"
      class="org.springframework.context.support.ResourceBundleMessageSource">
    <property name="basenames">
        <list>
            <value>loginMessage</value>
        </list>
    </property>
</bean>
After that, you'll get a message like "Username/Password entered is incorrect." instead of "Bad Credentials".
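How the authentication provider picks up the overridden key, as an added example that is not part of any answer above. It assumes Spring Security 5.x or 6.x on the classpath; the class name LoginMessageDemo, the helper failureMessage, the user "alice" and the in-memory message source standing in for loginMessage.properties are all constructed for illustration.

```java
import java.util.Locale;
import org.springframework.context.i18n.LocaleContextHolder;
import org.springframework.context.support.StaticMessageSource;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.SpringSecurityMessageSource;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.provisioning.InMemoryUserDetailsManager;

public class LoginMessageDemo {

    // Hypothetical helper: returns the text a login page would display
    // for this attempt (the exception message on failure).
    static String failureMessage(DaoAuthenticationProvider provider, String user, String password) {
        try {
            provider.authenticate(new UsernamePasswordAuthenticationToken(user, password));
            return "authenticated";
        } catch (AuthenticationException ex) {
            return ex.getMessage();
        }
    }

    public static void main(String[] args) {
        // The provider resolves messages for the current thread's locale.
        Locale locale = Locale.ENGLISH;
        LocaleContextHolder.setLocale(locale);

        // Stand-in for loginMessage.properties (constructed sample entry).
        StaticMessageSource messages = new StaticMessageSource();
        messages.addMessage("AbstractUserDetailsAuthenticationProvider.badCredentials",
                locale, "Username/Password entered is incorrect.");
        // Keys that are not overridden fall back to Spring Security's own bundle.
        messages.setParentMessageSource(new SpringSecurityMessageSource());

        DaoAuthenticationProvider provider = new DaoAuthenticationProvider();
        provider.setUserDetailsService(new InMemoryUserDetailsManager(
                User.withUsername("alice").password("{noop}secret").roles("USER").build()));
        // In an application context this call is made for you, because the
        // provider is MessageSourceAware and the bean is named "messageSource".
        provider.setMessageSource(messages);

        // Wrong password and unknown user both resolve the badCredentials key,
        // so the custom text is shown without revealing which accounts exist.
        System.out.println(failureMessage(provider, "alice", "wrong"));
        System.out.println(failureMessage(provider, "nobody", "wrong"));
    }
}
```

Because the provider hides "user not found" behind the same key by default, keep the custom badCredentials text generic rather than naming which of the two fields was wrong.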