|
@@ -16,6 +16,7 @@
|
|
|
package org.acegisecurity.ui;
|
|
package org.acegisecurity.ui;
|
|
|
|
|
|
|
|
import org.acegisecurity.AccessDeniedException;
|
|
import org.acegisecurity.AccessDeniedException;
|
|
|
|
|
+import org.acegisecurity.AcegiSecurityException;
|
|
|
import org.acegisecurity.AuthenticationException;
|
|
import org.acegisecurity.AuthenticationException;
|
|
|
import org.acegisecurity.AuthenticationTrustResolver;
|
|
import org.acegisecurity.AuthenticationTrustResolver;
|
|
|
import org.acegisecurity.AuthenticationTrustResolverImpl;
|
|
import org.acegisecurity.AuthenticationTrustResolverImpl;
|
|
@@ -145,19 +146,52 @@ public class ExceptionTranslationFilter implements Filter, InitializingBean {
|
|
|
if (logger.isDebugEnabled()) {
|
|
if (logger.isDebugEnabled()) {
|
|
|
logger.debug("Chain processed normally");
|
|
logger.debug("Chain processed normally");
|
|
|
}
|
|
}
|
|
|
- } catch (AuthenticationException authentication) {
|
|
|
|
|
|
|
+ } catch (AuthenticationException ex) {
|
|
|
|
|
+ handleException(request, response, chain, ex);
|
|
|
|
|
+ } catch (AccessDeniedException ex) {
|
|
|
|
|
+ handleException(request, response, chain, ex);
|
|
|
|
|
+ } catch (ServletException ex) {
|
|
|
|
|
+ if (ex.getRootCause() instanceof AuthenticationException
|
|
|
|
|
+ || ex.getRootCause() instanceof AccessDeniedException) {
|
|
|
|
|
+ handleException(request, response, chain,
|
|
|
|
|
+ (AcegiSecurityException) ex.getRootCause());
|
|
|
|
|
+ } else {
|
|
|
|
|
+ throw ex;
|
|
|
|
|
+ }
|
|
|
|
|
+ } catch (IOException ex) {
|
|
|
|
|
+ throw ex;
|
|
|
|
|
+ }
|
|
|
|
|
+ }
|
|
|
|
|
+
|
|
|
|
|
+ public AuthenticationEntryPoint getAuthenticationEntryPoint() {
|
|
|
|
|
+ return authenticationEntryPoint;
|
|
|
|
|
+ }
|
|
|
|
|
+
|
|
|
|
|
+ public AuthenticationTrustResolver getAuthenticationTrustResolver() {
|
|
|
|
|
+ return authenticationTrustResolver;
|
|
|
|
|
+ }
|
|
|
|
|
+
|
|
|
|
|
+ public PortResolver getPortResolver() {
|
|
|
|
|
+ return portResolver;
|
|
|
|
|
+ }
|
|
|
|
|
+
|
|
|
|
|
+ private void handleException(ServletRequest request,
|
|
|
|
|
+ ServletResponse response, FilterChain chain,
|
|
|
|
|
+ AcegiSecurityException exception) throws IOException, ServletException {
|
|
|
|
|
+ if (exception instanceof AuthenticationException) {
|
|
|
if (logger.isDebugEnabled()) {
|
|
if (logger.isDebugEnabled()) {
|
|
|
logger.debug("Authentication exception occurred; redirecting to authentication entry point",
|
|
logger.debug("Authentication exception occurred; redirecting to authentication entry point",
|
|
|
- authentication);
|
|
|
|
|
|
|
+ exception);
|
|
|
}
|
|
}
|
|
|
|
|
|
|
|
- sendStartAuthentication(request, response, chain, authentication);
|
|
|
|
|
- } catch (AccessDeniedException accessDenied) {
|
|
|
|
|
|
|
+ sendStartAuthentication(request, response, chain,
|
|
|
|
|
+ (AuthenticationException) exception);
|
|
|
|
|
+ } else if (exception instanceof AccessDeniedException) {
|
|
|
if (authenticationTrustResolver.isAnonymous(
|
|
if (authenticationTrustResolver.isAnonymous(
|
|
|
SecurityContextHolder.getContext().getAuthentication())) {
|
|
SecurityContextHolder.getContext().getAuthentication())) {
|
|
|
if (logger.isDebugEnabled()) {
|
|
if (logger.isDebugEnabled()) {
|
|
|
logger.debug("Access is denied (user is anonymous); redirecting to authentication entry point",
|
|
logger.debug("Access is denied (user is anonymous); redirecting to authentication entry point",
|
|
|
- accessDenied);
|
|
|
|
|
|
|
+ exception);
|
|
|
}
|
|
}
|
|
|
|
|
|
|
|
sendStartAuthentication(request, response, chain,
|
|
sendStartAuthentication(request, response, chain,
|
|
@@ -166,32 +200,15 @@ public class ExceptionTranslationFilter implements Filter, InitializingBean {
|
|
|
} else {
|
|
} else {
|
|
|
if (logger.isDebugEnabled()) {
|
|
if (logger.isDebugEnabled()) {
|
|
|
logger.debug("Access is denied (user is not anonymous); sending back forbidden response",
|
|
logger.debug("Access is denied (user is not anonymous); sending back forbidden response",
|
|
|
- accessDenied);
|
|
|
|
|
|
|
+ exception);
|
|
|
}
|
|
}
|
|
|
|
|
|
|
|
- sendAccessDeniedError(request, response, chain, accessDenied);
|
|
|
|
|
|
|
+ sendAccessDeniedError(request, response, chain,
|
|
|
|
|
+ (AccessDeniedException) exception);
|
|
|
}
|
|
}
|
|
|
- } catch (ServletException e) {
|
|
|
|
|
- throw e;
|
|
|
|
|
- } catch (IOException e) {
|
|
|
|
|
- throw e;
|
|
|
|
|
- } catch (Throwable otherException) {
|
|
|
|
|
- throw new ServletException(otherException);
|
|
|
|
|
}
|
|
}
|
|
|
}
|
|
}
|
|
|
|
|
|
|
|
- public AuthenticationEntryPoint getAuthenticationEntryPoint() {
|
|
|
|
|
- return authenticationEntryPoint;
|
|
|
|
|
- }
|
|
|
|
|
-
|
|
|
|
|
- public AuthenticationTrustResolver getAuthenticationTrustResolver() {
|
|
|
|
|
- return authenticationTrustResolver;
|
|
|
|
|
- }
|
|
|
|
|
-
|
|
|
|
|
- public PortResolver getPortResolver() {
|
|
|
|
|
- return portResolver;
|
|
|
|
|
- }
|
|
|
|
|
-
|
|
|
|
|
public void init(FilterConfig filterConfig) throws ServletException {}
|
|
public void init(FilterConfig filterConfig) throws ServletException {}
|
|
|
|
|
|
|
|
/**
|
|
/**
|
Ben Alex