
Thread: RFE: Provide a way to translate the JAAS LoginExceptions

  1. #1

    RFE: Provide a way to translate the JAAS LoginExceptions

    In my JAASLoginModule, I throw a subclass of LoginException upon InvalidCredentials, UserNotFound, .... However, the current LDAPProvider does not foresee a way to resolve the LoginException into an Acegi exception. I could just throw an Acegi exception straight away, but that would mean that the JAAS login module is dependent on Acegi, while it is the other way around.

    To make a long story short, could the class JaasAuthenticationProvider be altered to call a method for resolving the LoginException, so I can subclass it and provide my own resolver?

    Code:
        public Authentication authenticate(Authentication auth) {
                try {
                     // ...
                } catch (LoginException e) {
                    context.publishEvent(new JaasAuthenticationFailedEvent(auth, e));

                    // This could become the implementation of resolveLoginException(e), so I can subclass and change behavior.
                    // We have no way of knowing what caused the exception, so we cannot throw BadCredentialsException, DisabledException, or LockedException.
                    // So we'll just throw an AuthenticationServiceException.
                    throw new AuthenticationServiceException(e.toString());
                }
        }
    Stefaan

  2. #2

    Default: look at the getCause() of the LoginException

    What's more, if the LoginModule throws an Acegi exception straight away, it gets wrapped in a LoginException by JAAS. The exception handler could look if the target exception of the LoginException is an Acegi exception, and use that one.

    Code:
          public Authentication authenticate(Authentication auth) {
                try {
                     // ...
                } catch (LoginException e) {
                    context.publishEvent(new JaasAuthenticationFailedEvent(auth, e));
                    // Throw the resolved exception; calling the resolver without throwing would swallow the failed login.
                    throw resolveLoginException(e);
                }
                // ...
          }

          /**
           * Tries to resolve a JAAS login exception into an Acegi exception, such as BadCredentialsException, DisabledException, UsernameNotFoundException or LockedException
           * @param loginException The login exception causing the failed login
           * @return AcegiSecurityException The corresponding exception of Acegi
           */
          public AcegiSecurityException resolveLoginException(LoginException loginException) {
               // if the code needs to be compatible with pre 1.4, we need to use reflection here
               if (loginException.getCause() instanceof AcegiSecurityException) {
                   return (AcegiSecurityException) loginException.getCause();
               } else {
                   // We have no way of knowing what caused the exception, so we return the general AuthenticationServiceException
                   return new AuthenticationServiceException(loginException.toString());
               }
          }
    Ben, if you want, I'll be happy to contribute the modified JaasAuthenticationProvider (and test case).

    Stefaan.

  3. #3

    I like both ideas actually...

    How about I implement the translateException method, with the default functionality being to check the getCause() method for an AcegiSecurityException.

    For example....


    Code:
        public Authentication authenticate(Authentication auth) {
            try {
                // ...
            } catch (LoginException e) {
                // Translate first, so the published event and the thrown exception agree.
                AcegiSecurityException translatedException = translateException(e);
                context.publishEvent(new JaasAuthenticationFailedEvent(auth, translatedException));
                throw translatedException;
            }

            return null;
        }

        protected AcegiSecurityException translateException(LoginException e) {
            // Default behaviour: reuse an Acegi exception that JAAS wrapped in the LoginException.
            if (e.getCause() instanceof AcegiSecurityException) {
                return (AcegiSecurityException) e.getCause();
            } else {
                return new AuthenticationServiceException(e.toString());
            }
        }
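
The translation discussed in this thread, as an added example that is not part of the original posts or of the Acegi code base. It goes beyond the getCause() default by also mapping the standard javax.security.auth.login subclasses, so a LoginModule can signal the failure kind without importing Acegi. The nested exception classes are hypothetical stand-ins for the Acegi types named above, and the sample exceptions in main are constructed.

```java
import javax.security.auth.login.AccountLockedException;
import javax.security.auth.login.AccountNotFoundException;
import javax.security.auth.login.FailedLoginException;
import javax.security.auth.login.LoginException;

public class TranslateLoginExceptionDemo {
    // Hypothetical stand-ins for the Acegi types named in the thread,
    // declared here only so the example compiles without Acegi.
    static class AcegiSecurityException extends RuntimeException {
        AcegiSecurityException(String m, Throwable c) { super(m, c); }
    }
    static class BadCredentialsException extends AcegiSecurityException {
        BadCredentialsException(String m, Throwable c) { super(m, c); }
    }
    static class LockedException extends AcegiSecurityException {
        LockedException(String m, Throwable c) { super(m, c); }
    }
    static class UsernameNotFoundException extends AcegiSecurityException {
        UsernameNotFoundException(String m, Throwable c) { super(m, c); }
    }
    static class AuthenticationServiceException extends AcegiSecurityException {
        AuthenticationServiceException(String m, Throwable c) { super(m, c); }
    }

    static AcegiSecurityException translateException(LoginException e) {
        // Default from posts #2 and #3, extended to the whole cause chain.
        for (Throwable t = e.getCause(); t != null; t = t.getCause()) {
            if (t instanceof AcegiSecurityException) return (AcegiSecurityException) t;
        }
        // Standard JAAS subclasses keep the LoginModule free of Acegi imports.
        if (e instanceof AccountLockedException) return new LockedException("Account locked", e);
        if (e instanceof AccountNotFoundException) return new UsernameNotFoundException("Unknown user", e);
        if (e instanceof FailedLoginException) return new BadCredentialsException("Bad credentials", e);
        // Unknown cause: same fallback as the provider code quoted in post #1.
        return new AuthenticationServiceException(e.toString(), e);
    }

    public static void main(String[] args) {
        // Constructed sample failures, as a LoginModule might raise them.
        LoginException wrapped = new LoginException("wrapped by JAAS");
        wrapped.initCause(new BadCredentialsException("thrown inside the module", null));
        LoginException[] samples = {
            new FailedLoginException("password mismatch"), new AccountLockedException("locked"),
            new AccountNotFoundException("no such entry"), wrapped, new LoginException("LDAP unreachable")
        };
        for (LoginException e : samples) {
            System.out.println(e.getClass().getSimpleName() + " -> "
                    + translateException(e).getClass().getSimpleName());
        }
    }
}
```

The original LoginException is kept as the cause of each translated exception, so the underlying failure stays available for logging while callers only see the Acegi type.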
