Geek asks and answers

Spring Security, how to throw an exception in PRE_AUTH_FILTER using exceptionMappings

I am using Spring MVC (3.1.1.RELEASE) and Spring Security (3.1.0.RELEASE).

The Spring application is a REST API server that passes Json.

my security-context.xml contains this filter PRE_AUTH_FILTER:

<custom-filter position="PRE_AUTH_FILTER"  ref="siteminderFilter"  />
...
<beans:bean id="siteminderFilter" class=
"com.test.server.util.RequestHeaderAuthenticationFilter" >
    <beans:property name="principalRequestHeader" value="login"/>
    <beans:property name="authenticationManager" ref="authenticationManager" />    
</beans:bean>

my custom RequestHeaderAuthenticationFilter extends AbstractPreAuthenticatedProcessingFilter and throws a PreAuthenticatedCredentialsNotFoundException

Thus, users receive 500 internal server errors. But I would like the user to get a JSON string. Is it possible? if so, how can I do this?

I tried using exceptionMappings this way, but it doesn't seem to work

<beans:bean id="siteminderFilter" class=
"com.pecunia.server.util.RequestHeaderAuthenticationFilter" >
    <beans:property name="principalRequestHeader" value="login"/>
    <beans:property name="authenticationManager" ref="authenticationManager" />    
   <beans:property name="exceptionMappings">
      <beans:props>
    <beans:prop key="org.springframework.security.web.authentication.preauth.PreAuthenticatedCredentialsNotFoundException">/error.json</beans:prop>
    </beans:props>
   </beans:property>
</beans:bean>

gives me this deployment error:

Bean property 'exceptionMappings' is not writable or has an invalid setter method. Does the parameter type of the setter match the return type of the getter

I also tried

<form-login authentication-failure-handler-ref="authenticationFailureHandler" />
...
<beans:bean id="authenticationFailureHandler" class="org.springframework.security.web.authentication.ExceptionMappingAuthenticationFailureHandler">
   <beans:property name="exceptionMappings">
      <beans:props>
    <beans:prop key="org.springframework.security.web.authentication.preauth.PreAuthenticatedCredentialsNotFoundException">/error.json</beans:prop>
    </beans:props>
   </beans:property>
</beans:bean>

( 500 )

+5

:

3790
?
2035
( )
1918
?

More articles:


All Articles