Spring Security Custom Error Message


 

Spring Security Custom Error Message

In this section, you will learn about Custom Error Message in Spring Security.

In this section, you will learn about Custom Error Message in Spring Security.

Spring Security Custom Error Message

In this section, you will learn about Custom Error Message in Spring Security.

Spring Security have predefined error message, which appears when authentication failed. The predefined error message is given below :


Reason: Bad credentials

You can change this predefined failed authentication error message. You need to add the following snippet in the Dispatcher-servlet.xml :

<bean id="messageSource"
	class="org.springframework.context.support.ResourceBundleMessageSource">
		<property name="basenames">
			<list>
				<value>LoginMsg</value>
			</list>
		</property>
</bean>

And also you need to put the following message in the LoginMsg.property file :

AbstractUserDetailsAuthenticationProvider.badCredentials=Wrong username\ /\ password

Please go through this example, if you are not well aware of Spring Security.

EXAMPLE

In the below example, we will going to change it with custom error message :

The project hierarchy and jar file used is given below :

CODE

web.xml

<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" id="WebApp_ID" version="2.5">
<display-name>SpringSecurityCustomErrorMsg</display-name>
<servlet>
<servlet-name>Dispatcher</servlet-name>
<servlet-class>
org.springframework.web.servlet.DispatcherServlet
</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>Dispatcher</servlet-name>
<url-pattern>/</url-pattern>
</servlet-mapping>
<listener>
<listener-class>
org.springframework.web.context.ContextLoaderListener
</listener-class>
</listener>
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>
/WEB-INF/Dispatcher-servlet.xml,
/WEB-INF/spring-security.xml
</param-value>
</context-param>
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>
org.springframework.web.filter.DelegatingFilterProxy
</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
</web-app>

spring-security.xml

<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans" 
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.0.3.xsd">

<http auto-config="true">
<intercept-url pattern="/index*" access="ROLE_USER" />
</http>

<authentication-manager>
<authentication-provider>
<user-service>
<user name="user" password="roseindia" authorities="ROLE_USER" />
</user-service>
</authentication-provider>
</authentication-manager>

</beans:beans>

Dispatcher-servlet.xml

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="
http://www.springframework.org/schema/beans 
http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/context 
http://www.springframework.org/schema/context/spring-context-3.0.xsd">

<context:component-scan base-package="net.roseindia" />

<bean
class="org.springframework.web.servlet.view.InternalResourceViewResolver">
<property name="prefix">
<value>/WEB-INF/views/</value>
</property>
<property name="suffix">
<value>.jsp</value>
</property>
</bean>

<bean id="messageSource"
class="org.springframework.context.support.ResourceBundleMessageSource">
<property name="basenames">
<list>
<value>LoginMsg</value>
</list>
</property>
</bean>

</beans>

ProjectController.java

package net.roseindia;

import org.springframework.stereotype.Controller;
import org.springframework.ui.ModelMap;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;

@Controller
@RequestMapping("/index")
public class ProjectController {

@RequestMapping(method = RequestMethod.GET)
public String printWelcome(ModelMap model) {

model.addAttribute("msg", "Hello Friend!! Welcome to Roseindia");
return "welcome";

}
}

LoginMsg.properties

AbstractUserDetailsAuthenticationProvider.badCredentials=Wrong username\ /\ password

OUTPUT

When you try to access the below URL :

http://localhost:9090/SpringSecurityCustomErrorMsg/index

You will get the following page :

If you provide the wrong credential, you will get the following custom error message :

If you provide correct credential(username : user / password : roseindia), you will get the below page :

Download Source Code

Ads