@Test public void shouldNotSetSecurityExceptionMessageOnSessionWhenBadCredentialsExceptionIsThrownBySpring() throws Exception { filter.onUnsuccessfulAuthentication(request, null, new BadCredentialsException("foobar")); assertThat( session.getAttribute(AuthenticationProcessingFilter.SPRING_SECURITY_LAST_EXCEPTION_KEY), is(nullValue())); }
@Test public void shouldSetSecurityExceptionMessageOnSessionWhenAuthenticationServiceExceptionIsThrownBySpring() throws Exception { when(localizer.localize("AUTHENTICATION_SERVICE_EXCEPTION")).thenReturn("some server error"); filter.onUnsuccessfulAuthentication( request, null, new AuthenticationServiceException("foobar")); assertThat( ((Exception) session.getAttribute( AuthenticationProcessingFilter.SPRING_SECURITY_LAST_EXCEPTION_KEY)) .getMessage(), is("some server error")); }