Apache Shiro 认证失败处理

Shiro通过异常类来描述认证失败的原因,比如:

AuthenticationToken token = new UsernamePasswordToken(loginName,loginPwd);

Subject currentUser = SecurityUtils.getSubject();

try {

currentUser.login(token);

} catch (UnknownAccountException uae) {

log.info("username wasn't in the system.");

} catch (IncorrectCredentialsException ice) {

log.info("password didn't match.");

} catch (LockedAccountException lae) {

log.info(account for that username is locked - can't login.");

} catch (AuthenticationException ae) {

log.info("unexpected condition.");

}

Shiro自带的认证异常类类图如下:


所有的异常类都是继承AuthenticationExceptions。如果现有的异常类不符合您的要求,可以自定义AuthenticationExceptions来代表具体的异常情况。




你可能感兴趣的:(Apache Shiro 认证失败处理)