Package com.broadleafcommerce.auth.authorization.security.rememberme.service.exception

Interface UncaughtRememberMeAuthenticationExceptionHandler

All Superinterfaces:
org.springframework.core.Ordered
All Known Implementing Classes:
RememberMeCookieTheftExceptionHandler
public interface UncaughtRememberMeAuthenticationExceptionHandler extends org.springframework.core.Ordered

If an uncaught AuthenticationException is thrown during the auto-login flow, BroadleafRememberMeAuthenticationFilter will invoke the first handler of this type that can handle the exception.

Note: in quite a few cases, RememberMeServices.autoLogin(HttpServletRequest, HttpServletResponse) implementations internally catch/swallow certain types of AuthenticationException. This is intentional, as in some cases it makes sense for the flow to proceed quietly to the next filter. Such exceptions will not be received by this handler component.

Note: in some cases, the RememberMeServices.autoLogin(HttpServletRequest, HttpServletResponse) returns a non-null authentication and AuthenticationManager rejects it by throwing a AuthenticationException. Such exceptions will not be received by this handler component, as they are handled elsewhere.

  • Field Summary

    Fields inherited from interface org.springframework.core.Ordered

    HIGHEST_PRECEDENCE, LOWEST_PRECEDENCE

  • Method Summary

    Modifier and Type
    Method
    Description
    boolean
    canHandle(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, jakarta.servlet.FilterChain chain, org.springframework.security.core.AuthenticationException failed)
     
    default int
    getOrder()
     
    void
    handle(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, jakarta.servlet.FilterChain chain, org.springframework.security.core.AuthenticationException failed)
    Handle the exception.

  • Method Details

    • canHandle

      boolean canHandle(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, jakarta.servlet.FilterChain chain, org.springframework.security.core.AuthenticationException failed)
      Parameters:
      request - that contained an invalid authentication request
      response - to modify with any changes
      chain - the filter chain containing the next filters. Useful if the handler wants to continue with the remainder of the filter chain.
      failed - the exception that occurred
      Returns:
      whether this handler can handle the exception

    • handle

      void handle(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, jakarta.servlet.FilterChain chain, org.springframework.security.core.AuthenticationException failed) throws IOException, jakarta.servlet.ServletException
      Handle the exception. Only invoked if canHandle(HttpServletRequest, HttpServletResponse, FilterChain, AuthenticationException) passes.
      Parameters:
      request - that contained an invalid authentication request
      response - to modify with any changes
      chain - the filter chain containing the next filters. Useful if the handler wants to continue with the remainder of the filter chain.
      failed - the exception that occurred
      Throws:
      IOException
      jakarta.servlet.ServletException

    • getOrder

      default int getOrder()
      Specified by:
      getOrder in interface org.springframework.core.Ordered