grails - 抛出自定义异常并显示来自自定义 AuthenticationProvider 的错误消息

Question

这是 this question 的后续内容.

我有一个扩展 AbstractUserDetailsAuthenticationProvider 的自定义 AuthenticationProvider。在 extraAuthenticationChecks 中，我正在执行一些自定义身份验证工作，此过程的一部分是在登录屏幕上向用户显示一些消息。目前，为了测试，我创建了一个 UserNotActivatedException:

class UserNotActivatedException extends AuthenticationException {

  public UserNotActivatedException(String message, Throwable t) {
    super(message, t)
  }

  public UserNotActivatedException(String message) {
    super(message)
  }

  public UserNotActivatedException(String message, Object extraInformation) {
    super(message, extraInformation)
  }

}

在additionalAuthenticationChecks 中，我立即将其投入测试。现在，我需要知道需要做什么才能让我自己的失败消息显示在登录屏幕上。在 spring-security-core 默认配置中，我们可以覆盖以下内容:

errors.login.disabled = "Sorry, your account is disabled."
errors.login.expired = "Sorry, your account has expired."
errors.login.passwordExpired = "Sorry, your password has expired."
errors.login.locked = "Sorry, your account is locked."
errors.login.fail = "Sorry, we were not able to find a user with that username and password."

但我不知道如何添加自己的附加消息。

Answer 1

看起来这些消息只是被生成到 grails-app/controllers 中的 LoginController 的 authfail 操作使用。这是模板中的代码(在插件中):

/**
 * Callback after a failed login. Redirects to the auth page with a warning message.
 */
def authfail = {

    def username = session[UsernamePasswordAuthenticationFilter.SPRING_SECURITY_LAST_USERNAME_KEY]
    String msg = ''
    def exception = session[WebAttributes.AUTHENTICATION_EXCEPTION]
    if (exception) {
        if (exception instanceof AccountExpiredException) {
            msg = SpringSecurityUtils.securityConfig.errors.login.expired
        }
        else if (exception instanceof CredentialsExpiredException) {
            msg = SpringSecurityUtils.securityConfig.errors.login.passwordExpired
        }
        else if (exception instanceof DisabledException) {
            msg = SpringSecurityUtils.securityConfig.errors.login.disabled
        }
        else if (exception instanceof LockedException) {
            msg = SpringSecurityUtils.securityConfig.errors.login.locked
        }
        else {
            msg = SpringSecurityUtils.securityConfig.errors.login.fail
        }
    }

    if (springSecurityService.isAjax(request)) {
        render([error: msg] as JSON)
    }
    else {
        flash.message = msg
        redirect action: auth, params: params
    }
}

(来自 ~/.grails/1.3.7/projects/project-name/plugins/spring-security-core-1.1.2/src/templates/LoginController.groovy.template)

您可以将 UserNotActivatedException 类型添加到那里的条件中。