如何处理Spring ProviderManager中抛出的spring security InternalAuthenticationServiceException [英] How to handle spring security InternalAuthenticationServiceException thrown in Spring ProviderManager

问题描述

ProviderManager 在 DaoAuthenticationProvider.class 中检索用户时抛出 InternalAuthenticationServiceException.class，

ProviderManager is throwing InternalAuthenticationServiceException.class while retrieving users in DaoAuthenticationProvider.class,

 loadedUser = this.getUserDetailsService().loadUserByUsername(username);

我想处理这个异常并将我的自定义响应返回给客户端.

I want to handle this exception and return my custom response to the client.

我不想通过编写自定义 ProviderManager 来处理这个问题.

I don't want to handle this by writing custom ProviderManager.

对于所有其他 OAuth 异常，我能够使用自定义 WebResponseExceptionTranslator 处理异常.

For all other OAuth exceptions i am able to handle the exceptions using Custom WebResponseExceptionTranslator.

但我无法捕获诸如 InternalAuthenticationServiceException.class 之类的安全异常.

But I am unable to catch security exceptions like InternalAuthenticationServiceException.class.

我没有选择将 ErrorController 与/error 路径一起使用，它会破坏其他流程.

I don't have option to use ErrorController with the /error path, it is breaking other flows.

推荐答案

你可以写一个用 @ControllerAdvice 注释的类，并有一个 @ExceptionHandler(value=InternalAuthenticationServiceException.class).

You can write a class which is annotated with @ControllerAdvice and have a @ExceptionHandler(value=InternalAuthenticationServiceException.class).

例如:-

@ControllerAdvice
public class ExceptionHandler {

    @ExceptionHandler(InternalAuthenticationServiceException.class)
    public ResponseEntity<String> handleInternalAuthenticationServiceException(InternalAuthenticationServiceException e) {
        ResponseEntity<String> response = new ResponseEntity<String>(e.getMessage(), HttpStatus.INTERNAL_SERVER_ERROR);
        return response;
    }

}

更新

如果您没有控制器并使用 @EnableAuthorizationServer 那么您需要从 AuthorizationServerConfigurerAdapter 扩展并覆盖 configure(AuthorizationServerEndpointsConfigurer endpoints) 作为下面.您可以使用 AuthorizationServerEndpointsConfigurer.exceptionTranslator 来处理您的 InternalAuthenticationServiceException.

If you don't have controllers and using @EnableAuthorizationServer then you need to extend from AuthorizationServerConfigurerAdapter and override configure(AuthorizationServerEndpointsConfigurer endpoints) as below. You can use AuthorizationServerEndpointsConfigurer.exceptionTranslator to handle your InternalAuthenticationServiceException.

@Override
public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
        endpoints
                // other endpoints
                .exceptionTranslator(e -> {
                    if (e instanceof InternalAuthenticationServiceException) {
                        InternalAuthenticationServiceException internalAuthenticationServiceException = (InternalAuthenticationServiceException) e;

                        // return a ResponseEntity or throw a custom Exception.
                    } 
                });
    }

这篇关于如何处理Spring ProviderManager中抛出的spring security InternalAuthenticationServiceException的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！