Handling UserDeniedVerificationException at consumer side

[marko1000]

Hi,

What is the best place where UserDeniedVerificationException can be caught at consumer side? This exception is thrown when user chooses to deny verification at provider. OAuth2ClientContextFilter does not handle this exception and I would like to send a redirect to a specific url.

Should I implement a filter which would be a substitute for OAuth2ClientContextFilter and which would catch this exception? Or is there a more cleaner way to do exception handling in this case?

Thanks,
Marko

[stoicflame]

Perhaps a custom AuthenticationEntryPoint and/or AccessDeniedHandler?

http://static.springsource.org/sprin...slation-filter

[marko1000]

ah, yes.. ExceptionTranslationFilter sounds like a right place to handle this exception.. thanks

[marko1000]

There is a problem with this solution. ExceptionProcessingFilter stands and the very end of filter chain and it does not catch exceptions thrown by Oauth2ClientContextFilter or OAuth2ClientProcessingFilter

[stoicflame]

If you're using the standard namespace configuration, the spring security filters are being added after the ExceptionTranslationFilter so it should see any exceptions in the oauth2 context or processing filter(s).

[marko1000]

If you're using the standard namespace configuration, the spring security filters are being added after the ExceptionTranslationFilter so it should see any exceptions in the oauth2 context or processing filter(s).

I'm not using standard namespace configuration. This is the order of filters in my application:
<sec:filter-chain pattern="/facebookLoginService/**" filters="channelProcessingFilter,sessionContextInt egrationFilter,oauth2ClientContextFilter,ssoRememb erMeAuthenticationProcessingFilter,ssoValidationAu thenticationProcessingFilter,logoutFilter,anonymou sProcessingFilter,oauth2ClientProcessingFilter,exc eptionTranslationFilter,filterInvocationIntercepto r" />

[stoicflame]

How come you can't add the oauth2 filters after the exception translation filter?

[marko1000]

How come you can't add the oauth2 filters after the exception translation filter?

I've tried to put oauth processing filter after exception translation filter, but forgot to move oauth context filter also after exception translation filter so etf was catching exceptions thrown by oauth context filter which were should have been caught by oauth processing filter...

now both filters are after exception translation filter, and it works.

thanks for your help