Shiro通过异常类来描述认证失败的原因,比如:
|
AuthenticationToken token = new UsernamePasswordToken(loginName,loginPwd); Subject currentUser = SecurityUtils.getSubject(); try { currentUser.login(token); } catch (UnknownAccountException uae) { log.info("username wasn't in the system."); } catch (IncorrectCredentialsException ice) { log.info("password didn't match."); } catch (LockedAccountException lae) { log.info(account for that username is locked - can't login."); } catch (AuthenticationException ae) { log.info("unexpected condition."); } |
Shiro自带的认证异常类类图如下:
所有的异常类都是继承AuthenticationExceptions。如果现有的异常类不符合您的要求,可以自定义AuthenticationExceptions来代表具体的异常情况。