Apache Shiro 认证失败处理

时间:2022-09-23 22:42:31

Shiro通过异常类来描述认证失败的原因,比如:

AuthenticationToken token = new UsernamePasswordToken(loginName,loginPwd); 

Subject currentUser = SecurityUtils.getSubject(); 

try { 

    currentUser.login(token); 

} catch (UnknownAccountException uae) { 

    log.info("username wasn't in the system."); 

} catch (IncorrectCredentialsException ice) { 

    log.info("password didn't match."); 

} catch (LockedAccountException lae) { 

    log.info(account for that username is locked - can't login."); 

} catch (AuthenticationException ae) { 

    log.info("unexpected condition."); 

}

 

       Shiro自带的认证异常类类图如下:

Apache Shiro 认证失败处理

所有的异常类都是继承AuthenticationExceptions。如果现有的异常类不符合您的要求,可以自定义AuthenticationExceptions来代表具体的异常情况。