org.springframework.security.web.DefaultRedirectStrategy Java Examples

The following examples show how to use org.springframework.security.web.DefaultRedirectStrategy. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: SpringletsSecurityWebAuthenticationEntryPoint.java    From springlets with Apache License 2.0 6 votes vote down vote up
@Override
public void commence(HttpServletRequest request, HttpServletResponse response,
    AuthenticationException authException) throws IOException, ServletException {

  ContentNegotiationStrategy negotiationStrategy = new HeaderContentNegotiationStrategy();
  MediaTypeRequestMatcher matcher =
      new MediaTypeRequestMatcher(negotiationStrategy, MediaType.TEXT_HTML);
  matcher.setUseEquals(false);

  if (matcher.matches(request)) {
    DefaultRedirectStrategy redirectStrategy = new DefaultRedirectStrategy();
    redirectStrategy.setContextRelative(false);
    redirectStrategy.sendRedirect(request, response, LOGIN_FORM_URL);
  } else {
    response.sendError(HttpServletResponse.SC_FORBIDDEN);
  }
}
 
Example #2
Source File: SpringletsSecurityWebAccessDeniedHandlerImpl.java    From springlets with Apache License 2.0 6 votes vote down vote up
@Override
public void handle(HttpServletRequest request, HttpServletResponse response,
    AccessDeniedException accessDeniedException) throws IOException, ServletException {

  ContentNegotiationStrategy negotiationStrategy = new HeaderContentNegotiationStrategy();
  MediaTypeRequestMatcher matcher =
      new MediaTypeRequestMatcher(negotiationStrategy, MediaType.TEXT_HTML);
  matcher.setUseEquals(false);

  if (matcher.matches(request)) {
    DefaultRedirectStrategy redirectStrategy = new DefaultRedirectStrategy();
    redirectStrategy.setContextRelative(false);
    redirectStrategy.sendRedirect(request, response, "/errores/403");
  } else {
    response.sendError(HttpServletResponse.SC_FORBIDDEN);

  }

}
 
Example #3
Source File: OpenIDAuthenticationFailureHandler.java    From attic-rave with Apache License 2.0 6 votes vote down vote up
@Override
   public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response, AuthenticationException exception) throws IOException, ServletException {
	if(exception instanceof UsernameNotFoundException
		&& exception.getAuthentication() instanceof OpenIDAuthenticationToken
           && ((OpenIDAuthenticationToken)exception.getAuthentication()).getStatus().equals(OpenIDAuthenticationStatus.SUCCESS)) {
		
		OpenIDAuthenticationToken token = (OpenIDAuthenticationToken)exception.getAuthentication();
		String url = token.getIdentityUrl();
		User user = createTemporaryUser(token, url);
		request.getSession(true).setAttribute(ModelKeys.NEW_USER, user);

		DefaultRedirectStrategy redirectStrategy = new DefaultRedirectStrategy();
		log.info("Redirecting to new user account creation page");
		super.setRedirectStrategy(redirectStrategy);
		redirectStrategy.sendRedirect(request, response, "/"+ViewNames.CREATE_ACCOUNT_PAGE);
		return;
	} else {
		super.onAuthenticationFailure(request, response, exception);
	}
}
 
Example #4
Source File: CustomAuthenticationFailureHandler.java    From oauth-server with Apache License 2.0 5 votes vote down vote up
@Override
public void onAuthenticationFailure(
        HttpServletRequest request,
        HttpServletResponse response,
        AuthenticationException exception) throws IOException, ServletException {
    String username = request.getParameter("username");
    HttpSession session = request.getSession(false);
    if (session != null) {
        session.setAttribute("username",
                username);
        session.setAttribute("SPRING_SECURITY_LAST_EXCEPTION", exception.getMessage());
        if (exception instanceof CustomAuthenticationException) {
            session.setAttribute("SPRING_SECURITY_LAST_EXCEPTION_PARAMS",
                    ((CustomAuthenticationException) exception).getParameters());
        }

    }
    String message = null;
    if (exception != null) {
        message = exception.getMessage();
    }
    UserE user = userService.queryByLoginField(username);
    if (user != null
            && LoginException.USERNAME_NOT_FOUND_OR_PASSWORD_IS_WRONG.value().equalsIgnoreCase(message)) {
        loginRecord.loginError(user.getId());
    }
    RedirectStrategy redirectStrategy = new DefaultRedirectStrategy();
    redirectStrategy.sendRedirect(request, response, loginPath + "?username=" + username);
}
 
Example #5
Source File: CustomAuthenticationFailureHandler.java    From spring-boot with Apache License 2.0 5 votes vote down vote up
/**
     * 打印必要的错误信息后,继续执行。spring security 出现如下异常,控制台不打印信息,无法指定发生了哪种类型的错误
     *
     * @param request
     * @param response
     * @param exception
     * @throws IOException
     * @throws ServletException
     */
    @Override
    public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response, AuthenticationException exception) throws IOException, ServletException {
        log.error("spring security Authentication Fail : {}", exception.getMessage());
        // spring security 不打印异常信息,无法定位错误,这里打印出来
        // 不打印,通过 下面的  sendRedirect 传递信息
        // exception.printStackTrace();

        RedirectStrategy redirectStrategy = new DefaultRedirectStrategy();
        redirectStrategy.sendRedirect(request, response, "/myerror?error=" + exception.getMessage());
        setDefaultFailureUrl("/myerror?error" + exception.getMessage());
        // setRedirectStrategy(redirectStrategy);

//        //根据错误情况,做不同的处理
//        //也可以设置  setDefaultFailureUrl("/url3"); 进行跳转
//        if (exception.getClass().isAssignableFrom(UsernameNotFoundException.class)) {
//            log.info("用户名没找到");
//            // setDefaultFailureUrl("/url3");
//        } else if (exception.getClass().isAssignableFrom(DisabledException.class)) {
//            log.info("用户无效");
//            // setDefaultFailureUrl("/url3");
//        } else if (exception.getClass().isAssignableFrom(BadCredentialsException.class)) {
//            log.info("用户无效或被锁定");
//            // setDefaultFailureUrl("/url1");
//        } else if (exception.getClass().isAssignableFrom(SessionAuthenticationException.class)) {
//            log.info("登录会话过多");
//            exception.printStackTrace();
//             setDefaultFailureUrl("/url3");
//        } else if (exception.getClass().isAssignableFrom(InvalidCookieException.class)) {
//            log.info("RememberMe 异常 ,cookies 失效或格式不对");
//        }

        //继续按照默认的流程执行,根据错误情况,进行跳转
        // super.onAuthenticationFailure(request, response, exception);
    }
 
Example #6
Source File: MolgenisChangePasswordFilterTest.java    From molgenis with GNU Lesser General Public License v3.0 5 votes vote down vote up
@BeforeEach
void setUpBeforeMethod() {
  filter = new MolgenisChangePasswordFilter(userService, new DefaultRedirectStrategy());
  request = new MockHttpServletRequest();
  response = new MockHttpServletResponse();
  chain = mock(FilterChain.class);
}
 
Example #7
Source File: TwoFactorAuthenticationFilterTest.java    From molgenis with GNU Lesser General Public License v3.0 5 votes vote down vote up
@BeforeEach
void setUpBeforeMethod() {
  filter =
      new TwoFactorAuthenticationFilter(
          authenticationSettings,
          twoFactorAuthenticationService,
          new DefaultRedirectStrategy(),
          userAccountService);
  request = new MockHttpServletRequest();
  response = new MockHttpServletResponse();
  chain = mock(FilterChain.class);
}
 
Example #8
Source File: WebSecurityConfig.java    From jeesupport with MIT License 4 votes vote down vote up
@Bean
public RedirectStrategy redirectStrategy(){
    return new DefaultRedirectStrategy();
}
 
Example #9
Source File: MolgenisWebAppSecurityConfig.java    From molgenis with GNU Lesser General Public License v3.0 4 votes vote down vote up
@Bean
public RedirectStrategy redirectStrategy() {
  return new DefaultRedirectStrategy();
}