i want to use spring security for my application.
I have to merge Springsec with my custom SSO that works with a web service.
I thought to create a custom filter to add to the ss chain.
My authenticationFilter provide to call the sso webservice and add grantedauthoritys to the authentication.
<sec:http entry-point-ref="authenticationEntryPoint" use-expressions="true">
<sec:custom-filter before="PRE_AUTH_FILTER" ref="authenticationFilter" />
<sec:access-denied-handler ref="accessDeniedHandler" /></sec:http>
I have a little trouble when an exception is thrown by my sso service. I would like to send the user to the exception handler but it just send it to the servelt and i get a raw 500 internal server error.
I also tried to catch the exception and throw a AccessDeniedException, but it is the same.
What i miss?