/**
 * Logs an {@link AuthenticationException} at a level chosen from its type.
 *
 * <p>The following types are logged at FINE:
 *
 * <ul>
 *   <li>{@link UsernameNotFoundException}
 *   <li>{@link BadCredentialsException}
 *   <li>{@link DisabledException}
 * </ul>
 *
 * <p>Every other exception type is logged at WARNING. The exception's localized message is
 * used as the log message and the exception itself is attached to the record.
 *
 * <p>NOTE(review): the {@code Level} constants look like {@code java.util.logging}, whose
 * default threshold is INFO. If so, failed logins (unknown user, bad password, disabled
 * account) are not recorded unless FINE is enabled for this logger. Confirm that login
 * failures are captured elsewhere if they are needed for monitoring or incident review.
 *
 * @param ex the authentication failure to record
 */
protected void log(AuthenticationException ex) {
    final boolean expectedFailure =
            ex instanceof UsernameNotFoundException
                    || ex instanceof BadCredentialsException
                    || ex instanceof DisabledException;
    final Level level = expectedFailure ? Level.FINE : Level.WARNING;
    LOGGER.log(level, ex.getLocalizedMessage(), ex);
}
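/**
 * Answers an unauthenticated request with HTTP 401, a Basic challenge and a JSON error body.
 *
 * <p>The response carries {@code Access-Control-Allow-Origin}, {@code WWW-Authenticate}
 * (built from {@link #getRealmName()}) and {@code Content-Type: application/json}. The body is
 * an {@code ErrorInfo} holding the 401 status code and the exception's localized message,
 * serialized with Jackson. The same JSON string is also logged at INFO.
 *
 * <p>An earlier early-return for {@code InsufficientAuthenticationException} is disabled, so
 * every exception type produces the same 401 response.
 *
 * @param request the request that failed authentication (not read here)
 * @param response the response that receives the headers, status and JSON body
 * @param authException the failure whose localized message is returned to the client
 * @throws IOException if the body cannot be serialized or written
 * @throws ServletException declared by the overridden signature; not thrown directly here
 */
@Override
public void commence(
        HttpServletRequest request,
        HttpServletResponse response,
        AuthenticationException authException)
        throws IOException, ServletException {
    // NOTE(review): the origin value "null" is what browsers send for opaque origins
    // (sandboxed iframes, file: and data: documents), so this header is not a restrictive
    // setting. Confirm which client needs it; an explicit origin allow-list is preferable.
    response.addHeader("Access-Control-Allow-Origin", "null");

    final String challenge = "Basic realm=\"" + getRealmName() + "\"";
    response.addHeader("WWW-Authenticate", challenge);
    response.addHeader("Content-Type", "application/json");

    // The servlet writer defaults to ISO-8859-1 when no encoding is set, which would turn
    // non-Latin characters in a localized message into '?'. JSON is expected to be UTF-8.
    // This must be set before getWriter() is called to take effect.
    response.setCharacterEncoding("UTF-8");

    final int status = HttpServletResponse.SC_UNAUTHORIZED;
    response.setStatus(status);

    PrintWriter out = response.getWriter();
    ObjectMapper jsonMapper = new ObjectMapper();

    // NOTE(review): the exception message goes to the caller verbatim. Confirm the messages
    // do not tell an unknown user apart from a wrong password (account enumeration).
    ErrorInfo body = new ErrorInfo(status, authException.getLocalizedMessage());
    String jsonError = jsonMapper.writeValueAsString(body);
    out.println(jsonError);

    LOG.info("result = " + jsonError);
}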