- ...
- @Override
- protected void configure(HttpSecurity http) throws Exception {
- http
- .csrf().disable()
- // IMPORTANT: Add Filter after "ExceptionTranslation".
- // If not AuthenticationException from Custom Filter or Custom Provider
- // will not be catched by AuthenticationEntryPoint.
- .addFilterAfter(httpClientFilter(), ExceptionTranslationFilter.class)
- .exceptionHandling()
- // catch AuthenticationExeption and SecureToken with authenticated=false
- .authenticationEntryPoint(delegatingAuthenticationEntryPoint())
- // catch PermissionDenied Exeption e.g. missing in authorizeRequests()
- .accessDeniedHandler(new ClientRestAccessDeniedHandler())
- .and()
- ...
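/**
 * {@link AccessDeniedHandler} for the REST client API.
 *
 * <p>Instead of the container's default error page, the denial is answered through
 * {@link HTTPAuthenticationErrorSender}, which picks the status code and body from the
 * {@link Authentication} currently held in the {@link SecurityContextHolder}.
 */
public class ClientRestAccessDeniedHandler implements AccessDeniedHandler {

    // Resolved once instead of on every denied request.
    private static final Logger LOGGER = Logger.getLogger(ClientRestAccessDeniedHandler.class);

    /**
     * Writes the denial response for a request whose caller lacks a required authority
     * (e.g. a rule in {@code authorizeRequests()} that was not satisfied).
     *
     * @param request the denied request
     * @param response the response to write to
     * @param accessDeniedException the exception raised by the access decision; not inspected here
     * @throws IOException if the response cannot be written
     * @throws ServletException declared by the interface; not thrown by this implementation
     */
    @Override
    public void handle(HttpServletRequest request, HttpServletResponse response,
            AccessDeniedException accessDeniedException) throws IOException, ServletException {
        if (LOGGER.isDebugEnabled()) {
            LOGGER.debug("Requered Role for this request is missing!");
        }
        // Status and body are chosen by the sender from the token type; for an
        // HTTPRestSecureToken it currently answers 401 rather than 403.
        HTTPAuthenticationErrorSender.sendResponse(request, response,
                SecurityContextHolder.getContext().getAuthentication());
    }
}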
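/**
 * Writes the error response for a request that failed authentication or authorization.
 *
 * <p>Two response shapes are produced, depending on the {@link Authentication} handed in:
 * <ul>
 *   <li>anything other than an {@link HTTPRestSecureToken} (including {@code null}) gets a
 *       plain {@code 403} through {@link HttpServletResponse#sendError(int, String)};</li>
 *   <li>an {@link HTTPRestSecureToken} gets a {@code 401} with a JSON
 *       {@link AuthenticationErrorResponse} built from the token's auth status.</li>
 * </ul>
 * Used by the authentication entry point and by {@link ClientRestAccessDeniedHandler}.
 */
public final class HTTPAuthenticationErrorSender {

    private static final Logger LOGGER = Logger.getLogger(HTTPAuthenticationErrorSender.class);

    // ObjectMapper is safe to share once configured; one instance per response is wasteful.
    private static final ObjectMapper MAPPER = new ObjectMapper();

    // Client-facing text for the non-JSON branch. Deliberately generic: the concrete token
    // class is an internal detail and only goes to the debug log.
    private static final String NO_TOKEN_MESSAGE = "No valide AuthenticationToken found";

    /**
     * Sends the error response matching {@code token}.
     *
     * @param request the request being answered; not used for the response itself
     * @param response the response to write to; must not be committed yet
     * @param token the current authentication, may be {@code null}
     * @throws JsonGenerationException if the JSON body cannot be generated
     * @throws JsonMappingException if {@link AuthenticationErrorResponse} cannot be mapped
     * @throws IOException if the response cannot be written
     */
    public static void sendResponse(HttpServletRequest request, HttpServletResponse response, Authentication token)
            throws JsonGenerationException, JsonMappingException, IOException {
        if (!(token instanceof HTTPRestSecureToken)) {
            sendPlainForbidden(response, token);
            return;
        }

        HTTPRestSecureToken restToken = (HTTPRestSecureToken) token;
        AuthenticationErrorResponse authErrorResponse = new AuthenticationErrorResponse(
                restToken.getAuthStatus().getErrorCode(), restToken.getAuthStatus().getDescription());
        String content = MAPPER.writeValueAsString(authErrorResponse);

        if (LOGGER.isDebugEnabled()) {
            // The principal is only needed for log context, so an unexpected type or null must
            // not turn the intended 401 into an unhandled ClassCastException/NPE.
            Object principal = token.getPrincipal();
            if (principal instanceof HTTPRestPrincipal) {
                HTTPRestPrincipal restPrincipal = (HTTPRestPrincipal) principal;
                LOGGER.debug("AccessDenied for request: [" + restPrincipal.getFullURI() + "] clientID: ["
                        + restPrincipal.getClientID() + "] loginMail: [" + restPrincipal.getLoginMail() + "]");
            } else {
                LOGGER.debug("AccessDenied for request with principal: " + principal);
            }
            LOGGER.debug("Send following json response: " + content);
        }

        // NOTE(review): this branch always answers 401, also when reached from the
        // AccessDeniedHandler for an authenticated caller that merely lacks a role, where
        // 403 would be the conventional status. Left as-is because clients may rely on it.
        response.setContentType("application/json;charset=UTF-8");
        response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
        response.getWriter().print(content);
    }

    /**
     * Answers a plain 403 when no {@link HTTPRestSecureToken} is available.
     *
     * @param response the response to write to
     * @param token the token that was rejected, may be {@code null}
     * @throws IOException if the error response cannot be sent
     */
    private static void sendPlainForbidden(HttpServletResponse response, Authentication token) throws IOException {
        if (token != null) {
            response.sendError(403, NO_TOKEN_MESSAGE);
            if (LOGGER.isDebugEnabled()) {
                LOGGER.debug("Send default HTTP Response 403. No HTTPRestSecureToken found. "
                        + "Token is instance of: " + token.getClass().getName());
            }
        } else {
            response.sendError(403, "No valide AuthenticationToken found. Token is null");
            if (LOGGER.isDebugEnabled()) {
                LOGGER.debug("Send default HTTP Response 403. No HTTPRestSecureToken found. "
                        + "Token is null");
            }
        }
    }
}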