Home/ Questions/Q 8179533
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-07T00:01:15+00:00

I am trying to port an Oauth2 client based on Oauth for Spring Security

  • 0

I am trying to port an Oauth2 client based on Oauth for Spring Security from plain Java/Spring to Grails, and have run into a problem. The crux of the issue appears to be the fact that the design of the Spring Oauth client implementation relies on the assumption that an exception thrown from the Oauth2RestTemplate will be caught in a catch block of the OAuth2ClientContextFilter, thus allowing the filter to issue a redirect response (to send an authorization request to the oath provider).

This works fine in plain Java/Spring but in Grails, the GrailsDispatcherServlet is configured to handle all exceptions via HandlerExceptionResolvers. Thus the exception thrown in the Oauth2RestTemplate (invoked inside a Grails controller) is caught by the GrailsExceptionResolver and is never seen by the OAuth2ClientContextFilter, thus defeating the desired redirect behavior.

All discussions I have found of customizing Grails exception handling all seem to assume that the purpose of the customization is to map the exception to an HTTP error code or to a error page view. But is there some way to tell Grails to simply allow a particular exception to flow through unhandled, so that it can be caught by the servlet filter? Or is it possible to insert a custom HandlerExceptionResolver that re-throws the exception rather than returning a ModelAndView (as is the standard expectation for a HandlerExceptionResolver)? Or is there some other better way to get the Oauth for Spring Security client working inside Grails?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Here’s what I eventually came up with. Not sure if it is the best solution but it seems to work:

    1. Create a new MyDispatcherServlet.groovy:

      package org.example.com

import org.codehaus.groovy.grails.web.servlet.GrailsDispatcherServlet
import javax.servlet.http.HttpServletRequest
import javax.servlet.http.HttpServletResponse
import org.springframework.web.servlet.ModelAndView
import org.springframework.security.oauth2.client.UserRedirectRequiredException

class MyDispatcherServlet extends GrailsDispatcherServlet {

    @Override
    protected ModelAndView processHandlerException(HttpServletRequest request, 
      HttpServletResponse response, Object handler, Exception ex) throws Exception {
        def e = ex
        while (e) {
            if (e instanceof UserRedirectRequiredException) {
                throw ex
            }
            e = e.cause
         }
         return super.processHandlerException(request, response, handler, ex)                                     
     }
}
    2. Run grails install-templates and modify the web.xml to use MyDispatcherServlet instead of the default GrailsDispatcherServlet

    The result is that MyDispatcherServlet will re-throw an exception that contains a UserRedirectRequiredException so that it can be caught by the OAuth2ClientContextFilter, but other exceptions will be passed on and handled as before by the GrailsExceptionResolver.

    • 0