I believe there are different errors that Spring Security sends for
different events. The one that's commented out below merely grabs the last
one set.
On Thu, Apr 8, 2010 at 2:29 AM, <t...@dds.nl> wrote:
> ok it seems to work.
> don't forget to add:
> <property name="passwordEncoder" ref="passwordEncoder" />
> to myAuthenticationProvider bean in the blow config file.
>
>
> one other question in the login jsp i want to show the error message.
>
> now this is used:
> <c:if test="${param.error != null}">
> <li class="error">
> <img src="${ctx}/images/iconWarning.gif" alt="<fmt:message
> key='icon.warning'/>" class="icon"/>
> <fmt:message key="errors.password.mismatch"/>
> <%--${sessionScope.SPRING_SECURITY_LAST_EXCEPTION.message}--%>
> </li>
> </c:if>
>
> how can i diffirentiate between different errors?
> (wrong credentials or no more attempts)
>
>
> tibi
>
>
>
>
>
> ok it works.
>>
>> what i did:
>>
>> in the applicationContext-struts.xml i added (changed) this:
>>
>> <beans xmlns="http://www.springframework.org/schema/beans";
>> xmlns:security="http://www.springframework.org/schema/security";
>> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
>> xsi:schemaLocation="http://www.springframework.org/schema/beans
>> http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
>> http://www.springframework.org/schema/security
>>
>> http://www.springframework.org/schema/security/spring-security-2.0.xsd";
>> default-lazy-init="true">
>>
>> <bean id="adminInterceptor"
>>
>>
>> class="nl.rapidsugar.emailOpMaat.webapp.interceptor.UserRoleAuthorizationInterceptor">
>> <property name="authorizedRoles" value="ROLE_ADMIN" />
>> </bean>
>> <bean id="authenticationManager"
>> class="org.springframework.security.providers.ProviderManager">
>> <property name="providers">
>> <list>
>> <ref local="myAuthenticationProvider" />
>> </list>
>> </property>
>> </bean>
>>
>> <bean id="myAuthenticationProvider"
>>
>>
>> class="nl.rapidsugar.emailOpMaat.webapp.interceptor.MyAuthenticationProvider">
>> <security:custom-authentication-provider />
>> <property name="userDetailsService" ref="userDao" />
>> </bean>
>> ....
>>
>> basicaly i'm adding a bean into the providers list.
>>
>> than a java class:
>>
>> package nl.rapidsugar.emailOpMaat.webapp.interceptor;
>>
>> import org.springframework.security.AuthenticationException;
>> import
>>
>> org.springframework.security.providers.UsernamePasswordAuthenticationToken;
>> import
>> org.springframework.security.providers.dao.DaoAuthenticationProvider;
>> import org.springframework.security.userdetails.UserDetails;
>>
>> public class MyAuthenticationProvider extends DaoAuthenticationProvider {
>>
>> @Override
>> protected void additionalAuthenticationChecks(UserDetails
>> userDetails,
>> UsernamePasswordAuthenticationToken authentication)
>> throws AuthenticationException {
>> // TODO Auto-generated method stub
>> super.additionalAuthenticationChecks(userDetails,
>> authentication);
>> }
>> }
>>
>>
>> in debug mode i'm hitting this method... so now lets see what i can do
>> here :D
>>
>> have fun!
>>
>>
>>> i will look into this tomorrow:
>>>
>>> http://forum.springsource.org/showthread.php?t=52377
>>>
>>>
>>>
>>> Quoting t...@dds.nl:
>>>
>>> :(
>>>>
>>>>
>>>> i will...
>>>>
>>>>
>>>>
>>>>
>>>> Quoting Matt Raible <m...@raibledesigns.com>:
>>>>
>>>> Unfortunately, I don't know the answer to this. You might search Spring
>>>>> Security's forums.
>>>>>
>>>>> On Tue, Apr 6, 2010 at 12:25 PM, <t...@dds.nl> wrote:
>>>>>
>>>>> some investigation led me to the
>>>>>> postAuthenticationChecks
>>>>>>
>>>>>> seems to do the trick. but how can i inject my own class there?
>>>>>>
>>>>>> is it autowired?
>>>>>>
>>>>>> thanks for any pointers,
>>>>>>
>>>>>> tibi
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> hi list
>>>>>>
>>>>>>> hi matt,
>>>>>>>
>>>>>>> i need to count the wrong logins (after 3 wrong logins block
>>>>>>> account).
>>>>>>> how can i get in the loop of j_security_check?
>>>>>>>
>>>>>>>
>>>>>>> thanks,
>>>>>>>
>>>>>>> tibi
>>>>>>>
>>>>>>>
>>>>>>> ---------------------------------------------------------------------
>>>>>>> To unsubscribe, e-mail: users-unsubscr...@appfuse.dev.java.net
>>>>>>> For additional commands, e-mail: users-h...@appfuse.dev.java.net
>>>>>>>
>>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> ---------------------------------------------------------------------
>>>>>> To unsubscribe, e-mail: users-unsubscr...@appfuse.dev.java.net
>>>>>> For additional commands, e-mail: users-h...@appfuse.dev.java.net
>>>>>>
>>>>>>
>>>>>>
>>>>>
>>>>
>>>>
>>>>
>>>> ---------------------------------------------------------------------
>>>> To unsubscribe, e-mail: users-unsubscr...@appfuse.dev.java.net
>>>> For additional commands, e-mail: users-h...@appfuse.dev.java.net
>>>>
>>>
>>>
>>>
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: users-unsubscr...@appfuse.dev.java.net
>>> For additional commands, e-mail: users-h...@appfuse.dev.java.net
>>>
>>
>>
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscr...@appfuse.dev.java.net
>> For additional commands, e-mail: users-h...@appfuse.dev.java.net
>>
>
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscr...@appfuse.dev.java.net
> For additional commands, e-mail: users-h...@appfuse.dev.java.net
>
>
