
SEC-745: Created AuthenticationFailureHandler and AuthenticationSuccessHandler strategy interfaces.

Luke Taylor 17 anos atrás
pai
commit
615194710e

+ 30 - 0
core/src/main/java/org/springframework/security/ui/AuthenticationFailureHandler.java

@@ -0,0 +1,30 @@
+package org.springframework.security.ui;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.springframework.security.AuthenticationException;
+import org.springframework.security.CredentialsExpiredException;
+
+/**
+ * Strategy used to handle a failed authentication attempt.
+ * <p>
+ * Typical behaviour might be to redirect the user to the authentication page (in the case of a form login) to
+ * allow them to try again. More sophisticated logic might be implemented depending on the type of the exception.
+ * For example, a {@link CredentialsExpiredException} might cause a redirect to a web controller which allowed the
+ * user to change their password.
+ *
+ * @author Luke Taylor
+ * @version $Id$
+ * @since 2.5
+ */
+public interface AuthenticationFailureHandler {
+
+    /**
+     * Called when an authentication attempt fails.
+     * @param request the request during which the authentication attempt occurred.
+     * @param response the response.
+     * @param exception the exception which was thrown to reject the authentication request.
+     */
+    void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response, AuthenticationException exception);
+}
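Review bot: `onAuthenticationFailure` declares no checked exceptions, so an implementation that performs the redirect described in the class Javadoc has to catch and wrap the `IOException` from `HttpServletResponse.sendRedirect` itself. Consider ending the signature with `throws IOException, ServletException;` and adding the `java.io.IOException` and `javax.servlet.ServletException` imports. The same applies to `onAuthenticationSuccess` in AuthenticationSuccessHandler.java. Since the Javadoc encourages branching on the exception type, it could also carry a caveat such as `Implementations should avoid revealing to the client why authentication failed (for example, unknown user versus wrong password).`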

+ 32 - 0
core/src/main/java/org/springframework/security/ui/AuthenticationSuccessHandler.java

@@ -0,0 +1,32 @@
+package org.springframework.security.ui;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.springframework.security.Authentication;
+
+/**
+ * Strategy used to handle a successful user authentication.
+ * <p>
+ * Implementations can do whatever they want but typical behaviour would be to control the navigation to the
+ * subsequent destination (using a redirect or a forward). For example, after a user has logged in by submitting a
+ * login form, the application needs to decide where they should be redirected to afterwards
+ * (see {@link AbstractProcessingFilter} and subclasses). Other logic may also be included if required.
+ *
+ * @author Luke Taylor
+ * @version $Id$
+ * @since 2.5
+ * @see
+ */
+public interface AuthenticationSuccessHandler {
+
+    /**
+     * Called when a user has been successfully authenticated.
+     *
+     * @param request the request which caused the successful authentication
+     * @param response the response
+     * @param authentication the <tt>Authentication</tt> object which was created during the authentication process.
+     */
+    void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication);
+
+}
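Review bot: The class Javadoc ends with an empty `@see` tag, which the javadoc tool will flag as a missing reference. Either drop the line or complete it, presumably as `@see AbstractProcessingFilter`, since that class is already linked in the description. Because implementations decide where the user goes after login, the description would also benefit from a sentence such as `Implementations which derive the destination from request data should restrict it to URLs within the application.` so that a handler does not become an open redirect.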