SpringSecurity:异常处理
一、常见异常
我们先来列举下一些 Spring Security 中常见的异常:
UsernameNotFoundException
(用户不存在)DisabledException
(用户已被禁用)BadCredentialsException
(坏的凭据)LockedException
(账户锁定)AccountExpiredException
(账户过期)CredentialsExpiredException
(证书过期)
二、处理异常
(1) 指定错误Url,WebSecurityConfig
中添加.failureUrl("/login/error")
(2)在Controller中处理异常
@RequestMapping("/login/error")
public void loginError(HttpServletRequest request, HttpServletResponse response) {
response.setContentType("text/html;charset=utf-8");
AuthenticationException exception =
(AuthenticationException)request.getSession().getAttribute("SPRING_SECURITY_LAST_EXCEPTION");
try {
response.getWriter().write(exception.toString());
}catch (IOException e) {
e.printStackTrace();
}
}