package kr.wisestone.owl.config.security.handler; import kr.wisestone.owl.common.MessageAccessor; import kr.wisestone.owl.constant.Constants; import kr.wisestone.owl.constant.MsgConstants; import kr.wisestone.owl.util.ConvertUtil; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.security.authentication.BadCredentialsException; import org.springframework.security.core.AuthenticationException; import org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler; import org.springframework.stereotype.Component; import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.io.IOException; import java.io.PrintWriter; import java.util.HashMap; import java.util.Map; @Component public class AjaxAuthenticationFailureHandler extends SimpleUrlAuthenticationFailureHandler { private final Logger log = LoggerFactory.getLogger(AjaxAuthenticationFailureHandler.class); @Autowired protected MessageAccessor messageAccessor; @Override public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response, AuthenticationException exception) { Map resJsonData = new HashMap<>(); if (exception instanceof BadCredentialsException) { resJsonData.put(Constants.RES_KEY_MESSAGE, this.messageAccessor.getResMessage(MsgConstants.USER_NOT_EQUAL_PASSWORD, Constants.RES_KEY_MSG_FAIL)); } else { resJsonData.put(Constants.RES_KEY_MESSAGE, this.messageAccessor.getResMessage(exception.getMessage(), Constants.RES_KEY_MSG_FAIL)); } response.setContentType("application/json"); response.setCharacterEncoding("utf-8"); response.setStatus(HttpServletResponse.SC_UNAUTHORIZED); String data = ConvertUtil.convertObjectToJson(resJsonData); try { PrintWriter out = response.getWriter(); out.print(data); out.flush(); } catch (IOException e) { log.error(e.getMessage()); } } }