CAS Custom Error Messages
1.1 Defining the error messages
Before defining any error messages, let's first look at the following code in login-webflow.xml:
    <action-state id="realSubmit">
        <evaluate expression="authenticationViaFormAction.submit(flowRequestContext, flowScope.credential, messageContext)" />
        <transition on="warn" to="warn" />
        <transition on="success" to="sendTicketGrantingTicket" />
        <transition on="successWithWarnings" to="showMessages" />
        <transition on="authenticationFailure" to="handleAuthenticationFailure" />
        <transition on="error" to="generateLoginTicket" />
    </action-state>
This specifies that an authentication failure is handed to handleAuthenticationFailure for processing. Now let's look at how handleAuthenticationFailure is defined:
    <action-state id="handleAuthenticationFailure">
        <evaluate expression="authenticationExceptionHandler.handle(currentEvent.attributes.error, messageContext)" />
        <transition on="AccountDisabledException" to="casAccountDisabledView"/>
        <transition on="AccountLockedException" to="casAccountLockedView"/>
        <transition on="CredentialExpiredException" to="casExpiredPassView"/>
        <transition on="InvalidLoginLocationException" to="casBadWorkstationView"/>
        <transition on="InvalidLoginTimeException" to="casBadHoursView"/>
        <transition on="FailedLoginException" to="generateLoginTicket"/>
        <transition on="AccountNotFoundException" to="generateLoginTicket"/>
        <transition on="UNKNOWN" to="generateLoginTicket"/>
    </action-state>
handleAuthenticationFailure evaluates the expression authenticationExceptionHandler.handle(currentEvent.attributes.error, messageContext).
authenticationExceptionHandler is defined in cas-servlet.xml. Open cas-servlet.xml and find it; the code is as follows:
    <bean id="authenticationExceptionHandler" class="org.jasig.cas.web.flow.AuthenticationExceptionHandler" />
That makes things simple. Looking at the source code of this class, we find that CAS provides the following exception classes by default:
    static {
        DEFAULT_ERROR_LIST.add(javax.security.auth.login.AccountLockedException.class);
        DEFAULT_ERROR_LIST.add(javax.security.auth.login.FailedLoginException.class);
        DEFAULT_ERROR_LIST.add(javax.security.auth.login.CredentialExpiredException.class);
        DEFAULT_ERROR_LIST.add(javax.security.auth.login.AccountNotFoundException.class);
        DEFAULT_ERROR_LIST.add(org.jasig.cas.authentication.AccountDisabledException.class);
        DEFAULT_ERROR_LIST.add(org.jasig.cas.authentication.InvalidLoginLocationException.class);
        DEFAULT_ERROR_LIST.add(org.jasig.cas.authentication.InvalidLoginTimeException.class);
    }
The exceptions CAS provides cover most requirements. Next, let's look at the exception-handling method handle:
    public String handle(final AuthenticationException e, final MessageContext messageContext) {
        if (e != null) {
            // Walk the configured error classes in order and compare each one
            // with the errors reported by the authentication handlers.
            for (final Class<? extends Exception> kind : this.errors) {
                for (final Class<? extends Exception> handlerError : e.getHandlerErrors().values()) {
                    // Exact class comparison: only a class in the list itself matches.
                    if (handlerError != null && handlerError.equals(kind)) {
                        // Message code = prefix + simple class name.
                        final String messageCode = this.messageBundlePrefix + handlerError.getSimpleName();
                        messageContext.addMessage(new MessageBuilder().error().code(messageCode).build());
                        // The simple class name is also the webflow event id.
                        return handlerError.getSimpleName();
                    }
                }
            }
        }
        // No configured class matched: fall back to the UNKNOWN code and event.
        final String messageCode = this.messageBundlePrefix + UNKNOWN;
        logger.trace("Unable to translate handler errors of the authentication exception {}. Returning {} by default...", e, messageCode);
        messageContext.addMessage(new MessageBuilder().error().code(messageCode).build());
        return UNKNOWN;
    }
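This method is easy to follow: when CAS receives one of the specified exceptions, the error code is the default constant plus the exception name. If the exception received is not one of those specified by default,
the error code returned is the default one (authenticationFailure.UNKNOWN). Open the internationalization file messages.properties,
and we find that this error message is: Invalid credentials. Isn't that the message we saw earlier when a login failed? The code is as follows: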
    authenticationFailure.AccountDisabledException=This account has been disabled.
    authenticationFailure.AccountLockedException=This account has been locked.
    authenticationFailure.CredentialExpiredException=Your password has expired.
    authenticationFailure.InvalidLoginLocationException=You cannot login from this workstation.
    authenticationFailure.InvalidLoginTimeException=Your account is forbidden to login at this time.
    authenticationFailure.AccountNotFoundException=Invalid credentials.
    authenticationFailure.FailedLoginException=Invalid credentials.
    authenticationFailure.UNKNOWN=Invalid credentials.
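Simply modify the corresponding error message. The other language files do not contain these definitions; if needed, copy them into the relevant language file.
The error messages above are the ones CAS provides by default. If they do not meet your needs, just define a custom exception.
That's all there is to it. Try logging in and see.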
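
The lookup rule inside handle(), reproduced as a stand-alone program so its behaviour with custom exceptions can be tried outside CAS. This is an added example, not CAS source code or the original author's code; HandleLookupDemo, resolve, CaptchaRequiredException and BadPasswordException are hypothetical names, and a plain collection stands in for e.getHandlerErrors().values().

```java
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.List;
import javax.security.auth.login.AccountNotFoundException;
import javax.security.auth.login.FailedLoginException;

public class HandleLookupDemo {
    // Hypothetical custom exceptions (assumptions, not part of CAS).
    static class CaptchaRequiredException extends Exception {}
    static class BadPasswordException extends FailedLoginException {}

    static final String PREFIX = "authenticationFailure.";

    // Same matching rule as handle() on this page: exact Class.equals()
    // against the configured list, message code = prefix + simple class name.
    static String resolve(List<Class<? extends Exception>> errors,
                          Collection<? extends Class<? extends Exception>> handlerErrors) {
        for (Class<? extends Exception> kind : errors) {
            for (Class<? extends Exception> handlerError : handlerErrors) {
                if (handlerError != null && handlerError.equals(kind)) {
                    return PREFIX + handlerError.getSimpleName();
                }
            }
        }
        return PREFIX + "UNKNOWN";
    }

    public static void main(String[] args) {
        // Constructed error list holding two of the default classes.
        List<Class<? extends Exception>> errors = new ArrayList<>();
        errors.add(FailedLoginException.class);
        errors.add(AccountNotFoundException.class);

        // Case 1: a custom exception that is not in the list finds no match.
        System.out.println(resolve(errors,
                Collections.singletonList(CaptchaRequiredException.class)));
        // Case 2: a subclass of a listed exception is a different Class object,
        // so the exact comparison does not treat it as FailedLoginException.
        System.out.println(resolve(errors,
                Collections.singletonList(BadPasswordException.class)));
        // Case 3: once the custom class is in the list, its own simple name
        // becomes the message code suffix.
        errors.add(CaptchaRequiredException.class);
        System.out.println(resolve(errors,
                Collections.singletonList(CaptchaRequiredException.class)));
    }
}
```

The snippets on this page refer to an exception by its simple name in three places: the handler's error list, the authenticationFailure.* keys in messages.properties, and the transitions of handleAuthenticationFailure.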