Spring Security
  1. Spring Security
  2. SEC-1127

SwitchUserProcessingFilter should pass along AuthenticationException when redirecting to failureUrl

    Details

    • Type: Improvement Improvement
    • Status: Closed
    • Priority: Minor Minor
    • Resolution: Won't Fix
    • Affects Version/s: 2.0.4
    • Fix Version/s: 3.0.0 M1
    • Component/s: None
    • Labels:
      None

      Description

      The SwitchUserProcessingFilter currently provides only two options for error handling: redirection to a failure url, or output of a single line of text ('Switch User Failed: message'). It would be nice if the redirect stored the AuthenticationException somewhere in a request attribute / parameter, so that the failure screen could contain more detailed output (i.e. if the failure was related to the account being locked vs disabled, etc).

      Example patch:

      private void redirectToFailureUrl(HttpServletRequest request, HttpServletResponse response,
      AuthenticationException failed) throws IOException {
      logger.debug("Switch User failed", failed);

      if (switchFailureUrl != null)

      { + request.setAttribute( "authenticationException", failed ); sendRedirect(request, response, switchFailureUrl); }

      else

      { response.getWriter().print("Switch user failed: " + failed.getMessage()); response.flushBuffer(); }

      }

        • Note: I am note sure if request attributes will transfer through a redirect; we could pass the failure message as a GET parameter perhaps?

        Activity

        Hide
        Luke Taylor added a comment -

        switch user error handling has already been addressed as part of SEC-745 (see also SEC-959), so you should be able to customize the behaviour to accomodate any requirement by injecting a suitable strategy.

        Show
        Luke Taylor added a comment - switch user error handling has already been addressed as part of SEC-745 (see also SEC-959 ), so you should be able to customize the behaviour to accomodate any requirement by injecting a suitable strategy.
        Hide
        Luke Taylor added a comment -

        No further input, so closing.

        Show
        Luke Taylor added a comment - No further input, so closing.

          People

          • Assignee:
            Luke Taylor
            Reporter:
            Jared Stehler
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved: