Hi
On 13/02/14 17:25, Jose María Zaragoza wrote:
Hello:

I'm using Apache CXF 2.7.8 + Spring Security 3.1.1

I want to secure an endpoint (JAX-RS service) with Basic Auth, and
I'm following this example:

http://svn.apache.org/repos/asf/cxf/trunk/distribution/src/main/release/samples/jax_rs/spring_security/

So, I configure the Spring Security filter in web.xml
And all works fine

But I'm interested in capturing all errors in the authentication phase, so as
to format the response, but this doesn't work.
The ExceptionMapper object is never invoked (I tried several types of
exceptions ExceptionMapper<T>, including
ExceptionMapper<BadCredentialsException>)

Looking at logs, CXF code is never called ( DEBUG mode). For example:


18:07:23.828 [http-8080-3] DEBUG [BasicAuthenticationFilter]
[doFilter] - Basic Authentication Authorization header found for user
'xxxxxx'
18:07:23.828 [http-8080-3] DEBUG [ProviderManager] [authenticate] -
Authentication attempt using
org.springframework.security.authentication.dao.DaoAuthenticationProvider
18:07:23.828 [http-8080-3] DEBUG [DaoAuthenticationProvider]
[authenticate] - User 'xxxxxx' not found
18:07:23.828 [http-8080-3] DEBUG [BasicAuthenticationFilter]
[doFilter] - Authentication request for failed:
org.springframework.security.authentication.BadCredentialsException:
Bad credentials
18:07:23.828 [http-8080-3] DEBUG
[HttpSessionSecurityContextRepository] [saveContext] - SecurityContext
is empty or contents are anonymous - context will not be stored in
HttpSession.
18:07:23.828 [http-8080-3] DEBUG [SecurityContextPersistenceFilter]
[doFilter] - SecurityContextHolder now cleared, as request processing
completed

That's all

Looks like the request is not seen by CXF code
What is wrong?

I wonder, is it thrown from the filter, before CXF is even invoked? If so then you'd likely need to get a custom filter sitting in front of Spring Security catching the exceptions...

Cheers, Sergey

Thanks and regards



--
Sergey Beryozkin

Talend Community Coders
http://coders.talend.com/

Blog: http://sberyozkin.blogspot.com
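
Added example, not part of the thread or of the CXF sample: the log above shows BasicAuthenticationFilter handling the failed authentication itself, so one place to format that response is Spring Security's AuthenticationEntryPoint, used here instead of the front filter suggested in the reply. The class name, the realm constructor argument and the JSON body are assumptions, and the class has to be registered as the entry point of the Basic authentication filter.

```java
import java.io.IOException;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.AuthenticationEntryPoint;

// Hypothetical class: formats every authentication failure raised in the
// Spring Security filter chain, which runs before CXF and its ExceptionMappers.
public class JsonBasicAuthEntryPoint implements AuthenticationEntryPoint {

    // Assumption: the realm name is supplied from the Spring configuration.
    private final String realmName;

    public JsonBasicAuthEntryPoint(String realmName) {
        this.realmName = realmName;
    }

    @Override
    public void commence(HttpServletRequest request,
                         HttpServletResponse response,
                         AuthenticationException authException) throws IOException {
        // Keep the Basic challenge so clients still learn which scheme to use.
        response.setHeader("WWW-Authenticate", "Basic realm=\"" + realmName + "\"");
        response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
        response.setContentType("application/json");
        response.setCharacterEncoding("UTF-8");

        // One fixed body for every failure type: the exception message and the
        // submitted user name are not echoed, so "user not found" and
        // "wrong password" look identical to the caller.
        response.getWriter().write("{\"error\":\"unauthorized\"}");
    }
}
```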
