Pac4j OIDC with Spring Security

[vishal gaurav]

Hi,

I am using pac4j oidc along with spring-security-pac4j.

I am looking to capture the Authentication Exception and return a nice formatted response.

Spring Security provides AuthenticationEntryPoint and  AccessDeniedHandler.

 But they are not getting called in my case.

If i provide bad token I see the error in log 

 UserInfoOidcAuthenticator      : Bad User Info response, error={error_description=The access token is invalid., error=invalid_token}

But the control is not passed to the accessDenied Handler.

Any Help ?

[vishal gaurav]

I am using version 4.5.6 ( Still stuck with java 8)  

[Jérôme LELEU]

Hi,

A TechnicalException should be thrown: what's the stack trace?

Thanks.

Best regards,

Jérôme

--
You received this message because you are subscribed to the Google Groups "Pac4j users mailing list" group.
To unsubscribe from this group and stop receiving emails from it, send an email to pac4j-users...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/pac4j-users/0bcc93b1-5440-4ea6-89f2-e742ee81bdb1n%40googlegroups.com.

[vishal gaurav]

I think I got it now. In case of pac4j with spring security , It seems Spring security flow ( filter) is never invoked unless pac4j bridge fills spring security context. So any customisation around authentication  flow of spring won;t be invoked with pac4j-spring-security.