Home/ Questions/Q 6051655
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-23T07:50:33+00:00

This is a follow up to this question . I have a custom AuthenticationProvider

  • 0

This is a follow up to this question.

I have a custom AuthenticationProvider that extends AbstractUserDetailsAuthenticationProvider. In the additionalAuthenticationChecks I am doing some custom auth work and part of this process is to display some messages to the user on the login screen. Currently, for testing, I created a UserNotActivatedException:

class UserNotActivatedException extends AuthenticationException {

  public UserNotActivatedException(String message, Throwable t) {
    super(message, t)
  }

  public UserNotActivatedException(String message) {
    super(message)
  }

  public UserNotActivatedException(String message, Object extraInformation) {
    super(message, extraInformation)
  }

}

And in the additionalAuthenticationChecks I am just immediately throwing it for testing. Now, I need to know what I need to do to get my own fail message to show up on the login screen. In the spring-security-core default config, we can override the following:

errors.login.disabled = "Sorry, your account is disabled."
errors.login.expired = "Sorry, your account has expired."
errors.login.passwordExpired = "Sorry, your password has expired."
errors.login.locked = "Sorry, your account is locked."
errors.login.fail = "Sorry, we were not able to find a user with that username and password."

But I don’t see how I can add my own additional messages.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    It looks like those messages just get used by the authfail action of the LoginController that gets generated into grails-app/controllers. Here’s the code from the template (in the plugin):

    /**
 * Callback after a failed login. Redirects to the auth page with a warning message.
 */
def authfail = {

    def username = session[UsernamePasswordAuthenticationFilter.SPRING_SECURITY_LAST_USERNAME_KEY]
    String msg = ''
    def exception = session[WebAttributes.AUTHENTICATION_EXCEPTION]
    if (exception) {
        if (exception instanceof AccountExpiredException) {
            msg = SpringSecurityUtils.securityConfig.errors.login.expired
        }
        else if (exception instanceof CredentialsExpiredException) {
            msg = SpringSecurityUtils.securityConfig.errors.login.passwordExpired
        }
        else if (exception instanceof DisabledException) {
            msg = SpringSecurityUtils.securityConfig.errors.login.disabled
        }
        else if (exception instanceof LockedException) {
            msg = SpringSecurityUtils.securityConfig.errors.login.locked
        }
        else {
            msg = SpringSecurityUtils.securityConfig.errors.login.fail
        }
    }

    if (springSecurityService.isAjax(request)) {
        render([error: msg] as JSON)
    }
    else {
        flash.message = msg
        redirect action: auth, params: params
    }
}

    (from ~/.grails/1.3.7/projects/project-name/plugins/spring-security-core-1.1.2/src/templates/LoginController.groovy.template)

    You can probably just add your UserNotActivatedException type to the conditions there.

    • 0