How do I handle a custom authentication exception in grails spring-security-rest plugin?

Question

I am using Grails with the spring-security-rest plugin.

How do I make sure all user authentication errors get logged?

I am finding that security exceptions thrown within the plugin are not being logged using my current config. I want any user authentication error to be logged at the ERROR level.

I tried enabling debug logging for 'grails.plugin.springsecurity.rest', but this logs way too much information.

What I started to do instead was define a spring ApplicationListener for the errors I wanted to catch. I found that not all errors from the plugin generate events. For example, TokenNotFoundException doesn't have a mapping in the DefaultAuthenticationEventPublisher.

How do I add mappings to the DefaultAuthenticationEventPublisher? Is this the best way to tackle this, or is there another, easier way?

score 2 · Answer 1 · answered Feb 07 '17 at 20:46

Better late than never...

I have a similar situation and I register a couple of ApplicationListener that could help you.

I used the FailSecurityEventListener, that handle the event that fire the error. RestAuthenticationFailureHandler, BearerTokenAuthenticationFailureHandler and BearerTokenAccessDeniedHandler could help you too and to see all available you can see in the API doc: http://alvarosanchez.github.io/grails-spring-security-rest/latest/docs/gapi/

How do I handle a custom authentication exception in grails spring-security-rest plugin?

1 Answers1