Custom AuthenticationFailureHandler

i am tryna make a Custom Authentication Failure Handler like this ->
@Component
public class CustomAuthenticationHandler implements AuthenticationFailureHandler {

@Autowired
private UserRepository userRepository;
private static final org.slf4j.Logger logger = org.slf4j.LoggerFactory.getLogger(CustomAuthenticationHandler.class);

@Override
public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response,
AuthenticationException exception) throws IOException, ServletException {

logger.info("CustomAuthenticationFailureHandler invoked");

if (exception instanceof BadCredentialsException) {

String email = request.getParameter("username");
boolean emailExists = checkEmail(email);

if (!emailExists) {
logger.warn(" User not registered with email : {}", email);
response.sendRedirect("/login?error=email");
} else {
logger.warn(" Incorrect password for email: {}", email);
response.sendRedirect("/login?error=password");
}
} else {
logger.error("Authentication failed due to: {}", exception.getMessage());
response.sendRedirect("/login?error");
}
}

private boolean checkEmail(String email) {
Optional<User> user = userRepository.findByEmail(email);
return user.isPresent();
}

}
@Component
public class CustomAuthenticationHandler implements AuthenticationFailureHandler {

@Autowired
private UserRepository userRepository;
private static final org.slf4j.Logger logger = org.slf4j.LoggerFactory.getLogger(CustomAuthenticationHandler.class);

@Override
public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response,
AuthenticationException exception) throws IOException, ServletException {

logger.info("CustomAuthenticationFailureHandler invoked");

if (exception instanceof BadCredentialsException) {

String email = request.getParameter("username");
boolean emailExists = checkEmail(email);

if (!emailExists) {
logger.warn(" User not registered with email : {}", email);
response.sendRedirect("/login?error=email");
} else {
logger.warn(" Incorrect password for email: {}", email);
response.sendRedirect("/login?error=password");
}
} else {
logger.error("Authentication failed due to: {}", exception.getMessage());
response.sendRedirect("/login?error");
}
}

private boolean checkEmail(String email) {
Optional<User> user = userRepository.findByEmail(email);
return user.isPresent();
}

}
3 Replies
JavaBot
JavaBot6mo ago
This post has been reserved for your question.
Hey @Danix! Please use /close or the Close Post button above when your problem is solved. Please remember to follow the help guidelines. This post will be automatically closed after 300 minutes of inactivity.
TIP: Narrow down your issue to simple and precise questions to maximize the chance that others will reply in here.
Danix
DanixOP6mo ago
@GetMapping("/Login")
public String loginPage(@RequestParam(value = "error", required = false) String error, Model model) {

if (error != null) {
if (error.equals("email")) {
model.addAttribute("error", "User is not registered");
} else if (error.equals("password")) {
model.addAttribute("error", "The Password is Incorrect");
} else {
model.addAttribute("error", "Authentication failed");
}
}
return "login";
}
@GetMapping("/Login")
public String loginPage(@RequestParam(value = "error", required = false) String error, Model model) {

if (error != null) {
if (error.equals("email")) {
model.addAttribute("error", "User is not registered");
} else if (error.equals("password")) {
model.addAttribute("error", "The Password is Incorrect");
} else {
model.addAttribute("error", "Authentication failed");
}
}
return "login";
}
but i dont know why but after putting wrong credentials i am getting the same url localhost:8080/Login Instead of `localhost:8080/Login?error from this i am also not getting any message over the login page @dan1st | Daniel can u help i am not able to redirect to localhost:8080/Login?error even after getting a error
package com.ShelfSpace.ShelfSpace.customHandlers;

import java.io.IOException;

import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.authentication.AuthenticationFailureHandler;
import org.springframework.stereotype.Component;

import jakarta.servlet.ServletException;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;

@Component
public class CustomAuthenticationHandler implements AuthenticationFailureHandler {

private static final org.slf4j.Logger logger = org.slf4j.LoggerFactory.getLogger(CustomAuthenticationHandler.class);

@Override
public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response,
AuthenticationException exception) throws IOException, ServletException {

logger.info("CustomAuthenticationFailureHandler invoked");

if (exception instanceof BadCredentialsException) {
logger.warn("Incorrect credentials provided for email: {}", request.getParameter("username"));
String redirectUrl = request.getContextPath() + "/login?error";
response.sendRedirect(redirectUrl);
}
}
}
package com.ShelfSpace.ShelfSpace.customHandlers;

import java.io.IOException;

import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.authentication.AuthenticationFailureHandler;
import org.springframework.stereotype.Component;

import jakarta.servlet.ServletException;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;

@Component
public class CustomAuthenticationHandler implements AuthenticationFailureHandler {

private static final org.slf4j.Logger logger = org.slf4j.LoggerFactory.getLogger(CustomAuthenticationHandler.class);

@Override
public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response,
AuthenticationException exception) throws IOException, ServletException {

logger.info("CustomAuthenticationFailureHandler invoked");

if (exception instanceof BadCredentialsException) {
logger.warn("Incorrect credentials provided for email: {}", request.getParameter("username"));
String redirectUrl = request.getContextPath() + "/login?error";
response.sendRedirect(redirectUrl);
}
}
}
JavaBot
JavaBot6mo ago
💤 Post marked as dormant
This post has been inactive for over 300 minutes, thus, it has been archived. If your question was not answered yet, feel free to re-open this post or create a new one. In case your post is not getting any attention, you can try to use /help ping. Warning: abusing this will result in moderative actions taken against you.

Did you find this page helpful?