Announcement Announcement Module
Collapse
No announcement yet.
Handling UserDeniedVerificationException at consumer side Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Handling UserDeniedVerificationException at consumer side

    Hi,

    What is the best place where UserDeniedVerificationException can be caught at consumer side? This exception is thrown when user chooses to deny verification at provider. OAuth2ClientContextFilter does not handle this exception and I would like to send a redirect to a specific url.

    Should I implement a filter which would be a substitute for OAuth2ClientContextFilter and which would catch this exception? Or is there a more cleaner way to do exception handling in this case?

    Thanks,
    Marko

  • #2
    Perhaps a custom AuthenticationEntryPoint and/or AccessDeniedHandler?

    http://static.springsource.org/sprin...slation-filter

    Comment


    • #3
      ah, yes.. ExceptionTranslationFilter sounds like a right place to handle this exception.. thanks

      Comment


      • #4
        There is a problem with this solution. ExceptionProcessingFilter stands and the very end of filter chain and it does not catch exceptions thrown by Oauth2ClientContextFilter or OAuth2ClientProcessingFilter

        Comment


        • #5
          If you're using the standard namespace configuration, the spring security filters are being added after the ExceptionTranslationFilter so it should see any exceptions in the oauth2 context or processing filter(s).

          Comment


          • #6
            Originally posted by stoicflame View Post
            If you're using the standard namespace configuration, the spring security filters are being added after the ExceptionTranslationFilter so it should see any exceptions in the oauth2 context or processing filter(s).
            I'm not using standard namespace configuration. This is the order of filters in my application:
            <sec:filter-chain pattern="/facebookLoginService/**" filters="channelProcessingFilter,sessionContextInt egrationFilter,oauth2ClientContextFilter,ssoRememb erMeAuthenticationProcessingFilter,ssoValidationAu thenticationProcessingFilter,logoutFilter,anonymou sProcessingFilter,oauth2ClientProcessingFilter,exc eptionTranslationFilter,filterInvocationIntercepto r" />

            Comment


            • #7
              How come you can't add the oauth2 filters after the exception translation filter?

              Comment


              • #8
                Originally posted by stoicflame View Post
                How come you can't add the oauth2 filters after the exception translation filter?
                I've tried to put oauth processing filter after exception translation filter, but forgot to move oauth context filter also after exception translation filter so etf was catching exceptions thrown by oauth context filter which were should have been caught by oauth processing filter...

                now both filters are after exception translation filter, and it works.

                thanks for your help

                Comment

                Working...
                X