java - waffle custom error page in spring -



java - waffle custom error page in spring -

i using waffle 1.7 + spring 4 + spring security 3.2 + thymeleaf. problem is, unable provide custom error page when fall-back form logging fails. configuration: @override protected void configure(httpsecurity http) throws exception { http.authorizerequests() .antmatchers("/**") .authenticated() .and() .exceptionhandling() .authenticationentrypoint(negotiatesecurityfilterentrypoint()) .accessdeniedpage("/access-denied") .and() .addfilterbefore(wafflenegotiatesecurityfilter(), basicauthenticationfilter.class); }

when user uses browser snpengo off , enters wrong credentials, default scheme 500 page appears next information:

com.sun.jna.platform.win32.win32exception: logon effort failed. waffle.windows.auth.impl.windowsauthproviderimpl.acceptsecuritytoken(windowsauthproviderimpl.java:134) waffle.servlet.spi.negotiatesecurityfilterprovider.dofilter(negotiatesecurityfilterprovider.java:103) waffle.servlet.spi.securityfilterprovidercollection.dofilter(securityfilterprovidercollection.java:130) ...

how can provide custom page (access-denied.html thymeleaf template) ? far have tried http://spring.io/blog/2013/11/01/exception-handling-in-spring-mvc without success.

after digging spring documentation , tracking waffle have been able solve in next "ugly" way. 1. disabling security /access-denied page prevent endless redirection loop 2. wrapping waffle filter grab exceptions , redirect it

does have improve solution ?

@override protected void configure(httpsecurity http) throws exception { http.authorizerequests() .antmatchers("/access-denied") .permitall() .and() .authorizerequests() .antmatchers("/**") .authenticated() .and() .exceptionhandling() .authenticationentrypoint(negotiatesecurityfilterentrypoint()) .accessdeniedpage("/access-denied") .and() .addfilterbefore(wafflenegotiatesecurityfilter(), basicauthenticationfilter.class); } public class wafflewrappersecuritybean extends genericfilterbean { @notnull private final genericfilterbean wrappedfilter; public wafflewrappersecuritybean(genericfilterbean filter) { wrappedfilter = filter; } @override public void dofilter(servletrequest request, servletresponse response, filterchain chain) throws ioexception, servletexception { seek { wrappedfilter.dofilter(request, response, chain); } grab (exception e) { ((httpservletresponse) response) .sendredirect("access-denied?message=" + e.getlocalizedmessage()); } } @override public void destroy() { wrappedfilter.destroy(); } } // controller code ommited

java spring spring-security waffle

Comments

Popular posts from this blog

formatting - SAS SQL Datepart function returning odd values -

c++ - Apple Mach-O Linker Error(Duplicate Symbols For Architecture armv7) -

php - Yii 2: Unable to find a class into the extension 'yii2-admin' -