Spring Security, handling of exception in UserDetailsService

At the moment trying to get to work Spring Security with Mongodb. And everything works, except that if the user is not in the database, instead of a message about this exception falls 500 (AuthenticationServiceException) that I actually called.
In case of successful match the user name and password go to default-target-url
if only match name, authentication-failure
In all examples I've seen, the design is such that tell me where I'm wrong (or how to correctly catch the exception, it seems to me that it should be easier than explicitly catch them?).

(gist for these files)

Override UserDetailsService:

@Service
public class MongoUserDetailsService implements UserDetailsService {

@Override
 public UserDetails loadUserByUsername(String username) throws AuthenticationServiceException {
 MongoOperations mongoOperations = null;

 try {
 mongoOperations = new MongoTemplate(new Mongo(), "mydb");
 } catch (UnknownHostException e) {
e.printStackTrace();
 } catch (MongoException e) {
e.printStackTrace();
}
 try {

 Query Query = new Query(Criteria.where("email").is(username));
 System.out.println("query ready to go");
 Customer customer = mongoOperations.findOne(query, Customer.class);
 System.out.println("query done");
 if (customer == null){
 throw new AuthenticationServiceException("Authentication failed for user" + username);

}
 boolean enabled = true;
 boolean accountNonExpired = true;
 boolean credentialsNonExpired = true;
 boolean accountNonLocked = true;

 return new User(
 customer.getUsername(), 
customer.getPassword().toLowerCase(),
enabled
accountNonExpired,
credentialsNonExpired,
accountNonLocked,
getAuthorities(2));

 } catch (Exception e) {
 System.out.println("query failed");
 throw new RuntimeException(e);
}
}

 public Collection<? -- extends GrantedAuthority> getAuthorities(Integer role) {
 List<grantedauthority> authList = getGrantedAuthorities(getRoles(role));
 return authList;
}


 public List<string> getRoles(Integer role) {
 List<string> roles = new ArrayList<string>();

 if (role.intValue() == 1) {
roles.add("ROLE_USER");
roles.add("ROLE_ADMIN");

 } else if (role.intValue() == 2) {
roles.add("ROLE_USER");
}

 return roles;
}

 public static List<grantedauthority> getGrantedAuthorities(List<string> roles) {
 List<grantedauthority> authorities = new ArrayList<grantedauthority>();
 for (String role : roles) {
 authorities.add(new GrantedAuthorityImpl("ROLE_USER"));
}
 return authorities;
}
}
</grantedauthority></grantedauthority></string></grantedauthority></string></string></string></grantedauthority>


and security.xml

<beans:beans xmlns="http://www.springframework.org/schema/security" xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemalocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.0.xsd">
 <http access-denied-page="/error403.jsp">
 <intercept-url pattern="/index*" access="ROLE_USER,ROLE_ANONYMOUS">
 <intercept-url pattern="/add*" access="ROLE_USER">
 <intercept-url pattern="/delete/*" access="ROLE_ADMIN">
 <form-login login-page="/login.jsp" default-target-url="/index" authentication-failure-url="/login.jsp?error=true">
 <logout logout-url="/logout" logout-success-url="/index">
 <anonymous username="guest" granted-authority="ROLE_ANONYMOUS">
 <remember-me user-service-ref="userDetailsService">
</remember-me></anonymous></logout></form-login></intercept-url></intercept-url></intercept-url></http>
<authentication-manager>
 <authentication-provider user-service-ref="mongoUserDetailsService">
</authentication-provider></authentication-manager>
<beans:bean id="mongoUserDetailsService" class="com.company.testproj.utils.MongoUserDetailsService">
</beans:bean></beans:beans>
October 8th 19 at 02:29
0 answer

Find more questions by tags MongoDBNoSQLSpring