我已经像这样配置了一个ExceptionMappingAuthenticationFailureHandler:
@Bean(name = { "defaultAuthenticationFailureHandler", "authenticationFailureHandler" })
protected AuthenticationFailureHandler defaultAuthenticationFailureHandler() {
Map<String, String> exceptionMappings = new HashMap<>();
exceptionMappings.put(InternalAuthenticationServiceException.class.getCanonicalName(), "/login?error=servererror");
exceptionMappings.put(BadCredentialsException.class.getCanonicalName(), "/login?error=authfailed");
exceptionMappings.put(CredentialsExpiredException.class.getCanonicalName(), "/login?error=credentialsExpired");
exceptionMappings.put(LockedException.class.getCanonicalName(), "/login?error=locked");
exceptionMappings.put(DisabledException.class.getCanonicalName(), "/login?error=disabled");
exceptionMappings.put(AccessDeniedException.class.getCanonicalName(), "/login?error=denied");
final ExceptionMappingAuthenticationFailureHandler result = new ExceptionMappingAuthenticationFailureHandler();
result.setExceptionMappings(exceptionMappings);
result.setDefaultFailureUrl("/login?error=default");
return result;
}
我还有一个自定义AuthenticationProvider,它会根据错误抛出InternalAuthenticationServiceException或BadCredentialsException。所以现在我进入登录页面并尝试使用无效的用户名/密码登录。我开始调试它,我可以看到它在ExceptionMappingAuthenticationFailureHandler中,它重定向到正确的URL,但随后流程进入ExceptionTranslationFilter第168行,其中处理AccessDeniedException(不知道它被引发的原因)并再次调用ExceptionMappingAuthenticationFailureHandler但这一次它重定向到“/ login”所以最后我被重定向到“/ login”而不是“/ login?error = authfailed”
答案 0 :(得分:2)
Rob指出 formLogin()。permitAll()要求查询字符串完全匹配(在这种情况下,它将是/ login?error)。因此,您需要使用authorizeRequests()。antMatcher(&#34; / login&#34;)。permitAll()以确保授予访问权限