------------------------------------------------------------ revno: 13308 committer: Morten Olav Hansen <morte...@gmail.com> branch nick: dhis2 timestamp: Wed 2013-12-18 15:20:55 +0100 message: changed to using securityexceptiontranslationhandler in security.xml, adds ?failed=true for wrong username/password, ?expired=true for expired accounts modified: dhis-2/dhis-web/dhis-web-commons/src/main/resources/META-INF/dhis/security.xml
-- lp:dhis2 https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk Your team DHIS 2 developers is subscribed to branch lp:dhis2. To unsubscribe from this branch go to https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk/+edit-subscription
=== modified file 'dhis-2/dhis-web/dhis-web-commons/src/main/resources/META-INF/dhis/security.xml' --- dhis-2/dhis-web/dhis-web-commons/src/main/resources/META-INF/dhis/security.xml 2013-09-01 20:44:11 +0000 +++ dhis-2/dhis-web/dhis-web-commons/src/main/resources/META-INF/dhis/security.xml 2013-12-18 14:20:55 +0000 @@ -27,8 +27,8 @@ <sec:http access-decision-manager-ref="accessDecisionManager" use-expressions="true" realm="DHIS2"> <sec:form-login default-target-url="/" always-use-default-target="false" + authentication-failure-handler-ref="securityExceptionTranslationHandler" login-processing-url="/dhis-web-commons-security/login.action" - authentication-failure-url="/dhis-web-commons/security/login.action?failed=true" login-page="/dhis-web-commons/security/login.action" authentication-success-handler-ref="defaultAuthenticationSuccessHandler" /> <sec:http-basic /> @@ -44,6 +44,16 @@ <sec:custom-filter ref="customAuthenticationFilter" before="FORM_LOGIN_FILTER" /> </sec:http> + <bean id="securityExceptionTranslationHandler" + class="org.springframework.security.web.authentication.ExceptionMappingAuthenticationFailureHandler"> + <property name="exceptionMappings"> + <props> + <prop key="org.springframework.security.authentication.AccountExpiredException">/dhis-web-commons/security/login.action?expired=true</prop> + </props> + </property> + <property name="defaultFailureUrl" value="/dhis-web-commons/security/login.action?failed=true" /> + </bean> + <!-- Security : Action --> <bean id="restrictOrganisationUnitsAction" class="org.hisp.dhis.security.action.RestrictOrganisationUnitsAction" scope="prototype">
_______________________________________________ Mailing list: https://launchpad.net/~dhis2-devs Post to : dhis2-devs@lists.launchpad.net Unsubscribe : https://launchpad.net/~dhis2-devs More help : https://help.launchpad.net/ListHelp