/**
* Convenience method for logging an {@link AuthenticationException}.
*
* <p>This method will log the following exception types at the FINE level:
*
* <ul>
* <li>{@link UsernameNotFoundException}
* <li>{@link BadCredentialsException}
* <li>{@link DisabledException}
* </ul>
*
* All other exception types are logged at WARNING.
*/
protected void log(AuthenticationException ex) {
Level l = Level.WARNING;
if (ex instanceof UsernameNotFoundException
|| ex instanceof BadCredentialsException
|| ex instanceof DisabledException) {
l = Level.FINE;
}
LOGGER.log(l, ex.getLocalizedMessage(), ex);
}
@Override
public void commence(
HttpServletRequest request,
HttpServletResponse response,
AuthenticationException authException)
throws IOException, ServletException {
// if( authException instanceof InsufficientAuthenticationException) {
// return;
// }
response.addHeader("Access-Control-Allow-Origin", "null");
response.addHeader("WWW-Authenticate", "Basic realm=\"" + getRealmName() + "\"");
response.addHeader("Content-Type", "application/json");
response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
PrintWriter writer = response.getWriter();
ObjectMapper mapper = new ObjectMapper();
ErrorInfo errorInfo =
new ErrorInfo(HttpServletResponse.SC_UNAUTHORIZED, authException.getLocalizedMessage());
String jsonError = mapper.writeValueAsString(errorInfo);
writer.println(jsonError);
LOG.info("result = " + jsonError);
}