Handling UserDeniedVerificationException at consumer side



marko1000
Mar 9th, 2011, 06:56 AM
Hi,

What is the best place to catch UserDeniedVerificationException at the consumer side? This exception is thrown when the user chooses to deny verification at the provider. OAuth2ClientContextFilter does not handle this exception, and I would like to send a redirect to a specific URL.

Should I implement a filter that would be a substitute for OAuth2ClientContextFilter and would catch this exception? Or is there a cleaner way to do exception handling in this case?

Thanks,
Marko

stoicflame
Mar 11th, 2011, 12:55 PM
Perhaps a custom AuthenticationEntryPoint and/or AccessDeniedHandler?

http://static.springsource.org/spring-security/site/docs/3.0.x/reference/springsecurity-single.html#exception-translation-filter

marko1000
Mar 14th, 2011, 05:43 PM
Ah, yes. ExceptionTranslationFilter sounds like the right place to handle this exception. Thanks.

marko1000
Mar 15th, 2011, 04:34 AM
There is a problem with this solution. ExceptionProcessingFilter stands at the very end of the filter chain and it does not catch exceptions thrown by OAuth2ClientContextFilter or OAuth2ClientProcessingFilter.

stoicflame
Mar 21st, 2011, 12:42 PM
If you're using the standard namespace configuration, the spring security filters are being added after the ExceptionTranslationFilter so it should see any exceptions in the oauth2 context or processing filter(s).

marko1000
Mar 23rd, 2011, 08:34 AM
If you're using the standard namespace configuration, the spring security filters are being added after the ExceptionTranslationFilter so it should see any exceptions in the oauth2 context or processing filter(s).

I'm not using the standard namespace configuration. This is the order of filters in my application:
<sec:filter-chain pattern="/facebookLoginService/**" filters="channelProcessingFilter,sessionContextIntegrationFilter,oauth2ClientContextFilter,ssoRememberMeAuthenticationProcessingFilter,ssoValidationAuthenticationProcessingFilter,logoutFilter,anonymousProcessingFilter,oauth2ClientProcessingFilter,exceptionTranslationFilter,filterInvocationInterceptor" />

stoicflame
Mar 23rd, 2011, 10:26 AM
How come you can't add the oauth2 filters after the exception translation filter?

marko1000
Mar 23rd, 2011, 10:53 AM
How come you can't add the oauth2 filters after the exception translation filter?

I've tried to put the oauth processing filter after the exception translation filter, but forgot to also move the oauth context filter after the exception translation filter, so etf was catching exceptions thrown by the oauth context filter which should have been caught by the oauth processing filter...

Now both filters are after the exception translation filter, and it works.

Thanks for your help.
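
The ordering this thread ends on, written out as an added example (not part of the original posts). The bean names are copied from the filter chain posted above; the exact slot chosen for the two OAuth2 filters is an assumption, since the thread only states that both now sit after exceptionTranslationFilter.

```xml
<!-- Added example, not the poster's actual final configuration.
     A servlet filter can only catch exceptions thrown by filters that run
     after it in the chain, because those filters execute inside its
     chain.doFilter() call. For exceptionTranslationFilter to see exceptions
     raised by the OAuth2 client filters, both must be listed after it. -->

<!-- Assumption: the two OAuth2 filters are placed directly after
     exceptionTranslationFilter, with oauth2ClientContextFilter still ahead of
     oauth2ClientProcessingFilter, and before filterInvocationInterceptor.
     All other filters keep the order shown in the thread. -->
<sec:filter-chain pattern="/facebookLoginService/**" filters="channelProcessingFilter,sessionContextIntegrationFilter,ssoRememberMeAuthenticationProcessingFilter,ssoValidationAuthenticationProcessingFilter,logoutFilter,anonymousProcessingFilter,exceptionTranslationFilter,oauth2ClientContextFilter,oauth2ClientProcessingFilter,filterInvocationInterceptor" />
```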