Spring security Spring安全性-身份验证期间记录异常
在开发过程中,我们希望记录所有发生的异常并保持默认行为。不幸的是,在进行身份验证时,似乎不可能记录发生的异常 我们已经尝试通过扩展Spring security Spring安全性-身份验证期间记录异常,spring-security,Spring Security,在开发过程中,我们希望记录所有发生的异常并保持默认行为。不幸的是,在进行身份验证时,似乎不可能记录发生的异常 我们已经尝试通过扩展SimpleRuthenticationFailureHandler来修饰默认身份验证失败处理。但我们最终陷入了一个丑陋的重定向循环,因为在设置failureHandler时,“login?error”页面的过滤器会被停用(因为failureUrl将被设置为null) 因此,我们希望实现以下目标: @Slf4j private static class Logging
SimpleRuthenticationFailureHandler@Slf4j
private static class LoggingUrlFailureHandler extends SimpleUrlAuthenticationFailureHandler {
@Override
public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response, AuthenticationException exception) throws IOException, ServletException {
log.error("Error while authenticating.", exception);
super.onAuthenticationFailure(request, response, exception);
}
}
@Slf4j
private static class LoggingUrlFailureHandler extends SimpleUrlAuthenticationFailureHandler {
@Override
public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response, AuthenticationException exception) throws IOException, ServletException {
log.error("Error while authenticating.", exception);
super.onAuthenticationFailure(request, response, exception);
}
}
websecurityconfiguredapterFailureHandler.and()
.saml2Login(saml2 -> {
saml2.failureHandler(new LoggingUrlFailureHandler());
});
SimpleRuthenticationFailureHandler这发生在
org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurewebsecurityConfigureAdapter