Spring security spring security要覆盖哪个类以获取错误的密码
在SpringSecurity3.0.5.RELEASE中,我可以覆盖哪个类和方法来捕获错误密码的BadCredentialsException。下面是我的security.xml的一个片段Spring security spring security要覆盖哪个类以获取错误的密码,spring-security,Spring Security,在SpringSecurity3.0.5.RELEASE中,我可以覆盖哪个类和方法来捕获错误密码的BadCredentialsException。下面是我的security.xml的一个片段 <beans:bean id="daoAuthenticationProvider" class="org.springframework.security.authentication.dao.DaoAuthenticationProvider"> <beans:property
<beans:bean id="daoAuthenticationProvider" class="org.springframework.security.authentication.dao.DaoAuthenticationProvider">
<beans:property name="hideUserNotFoundExceptions" value="true" />
<beans:property name="userDetailsService" ref="userDao"/>
<beans:property name="passwordEncoder" ref="passwordEncoder"/>
</beans:bean>
<security:authentication-manager>
<security:authentication-provider ref='daoAuthenticationProvider'/>
</security:authentication-manager>
子类SimpleRuthenticationFailureHandler并重写AuthenticationFailure()。它获得一个传递给它的异常。异常。getAuthentication().getCredentials()将返回尝试的密码 在表单登录元素中配置AuthenticationFailureHandler:
<form-login authentication-failure-handler-ref="authenticationFailureHandler" />