Class CustomAuthenticationFailureHandler
java.lang.Object
org.apache.fineract.infrastructure.security.service.CustomAuthenticationFailureHandler
- All Implemented Interfaces:
org.springframework.security.web.authentication.AuthenticationFailureHandler
public class CustomAuthenticationFailureHandler
extends Object
implements org.springframework.security.web.authentication.AuthenticationFailureHandler
-
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionprotected org.springframework.security.web.RedirectStrategyprotected booleanprotected booleanvoidonAuthenticationFailure(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, org.springframework.security.core.AuthenticationException exception) Performs the redirect or forward to thedefaultFailureUrlif set, otherwise returns a 401 error code.protected final voidsaveException(jakarta.servlet.http.HttpServletRequest request, org.springframework.security.core.AuthenticationException exception) Caches theAuthenticationExceptionfor use in view rendering.voidsetAllowSessionCreation(boolean allowSessionCreation) voidsetDefaultFailureUrl(String defaultFailureUrl) The URL which will be used as the failure destination.voidsetRedirectStrategy(org.springframework.security.web.RedirectStrategy redirectStrategy) Allows overriding of the behaviour when redirecting to a target URL.voidsetUseForward(boolean forwardToDestination) If set to true, performs a forward to the failure destination URL instead of a redirect.
-
Constructor Details
-
CustomAuthenticationFailureHandler
public CustomAuthenticationFailureHandler()
-
-
Method Details
-
onAuthenticationFailure
public void onAuthenticationFailure(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, org.springframework.security.core.AuthenticationException exception) throws IOException, jakarta.servlet.ServletException Performs the redirect or forward to thedefaultFailureUrlif set, otherwise returns a 401 error code.If redirecting or forwarding,
saveExceptionwill be called to cache the exception for use in the target view.- Specified by:
onAuthenticationFailurein interfaceorg.springframework.security.web.authentication.AuthenticationFailureHandler- Throws:
IOExceptionjakarta.servlet.ServletException
-
saveException
protected final void saveException(jakarta.servlet.http.HttpServletRequest request, org.springframework.security.core.AuthenticationException exception) Caches theAuthenticationExceptionfor use in view rendering.If
forwardToDestinationis set to true, request scope will be used, otherwise it will attempt to store the exception in the session. If there is no session andallowSessionCreationistruea session will be created. Otherwise the exception will not be stored. -
setDefaultFailureUrl
The URL which will be used as the failure destination.- Parameters:
defaultFailureUrl- the failure URL, for example "/loginFailed.jsp".
-
isUseForward
protected boolean isUseForward() -
setUseForward
public void setUseForward(boolean forwardToDestination) If set to true, performs a forward to the failure destination URL instead of a redirect. Defaults to false. -
setRedirectStrategy
public void setRedirectStrategy(org.springframework.security.web.RedirectStrategy redirectStrategy) Allows overriding of the behaviour when redirecting to a target URL. -
getRedirectStrategy
protected org.springframework.security.web.RedirectStrategy getRedirectStrategy() -
isAllowSessionCreation
protected boolean isAllowSessionCreation() -
setAllowSessionCreation
public void setAllowSessionCreation(boolean allowSessionCreation)
-