Fix Compromised Password Checker Docs Sample Not Working #15305

Closed
marcusdacoregio opened this issue Jun 26, 2024 · 0 comments

The current documentation uses a @ControllerAdvice to handle the CompromisedPasswordException and redirect the user to the /reset-password page:

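```java
import org.springframework.security.authentication.password.CompromisedPasswordException;
import org.springframework.web.bind.annotation.ControllerAdvice;
import org.springframework.web.bind.annotation.ExceptionHandler;
import org.springframework.web.servlet.mvc.support.RedirectAttributes;

@ControllerAdvice
public class MyControllerAdvice {

    // Only sees exceptions raised while Spring MVC is handling a request.
    @ExceptionHandler(CompromisedPasswordException.class)
    public String handleCompromisedPasswordException(CompromisedPasswordException ex, RedirectAttributes attributes) {
        attributes.addFlashAttribute("error", ex.getMessage());
        return "redirect:/reset-password";
    }

}
```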

The Controller Advice won't work for handling compromised passwords when the check is done by Spring Security because the Filter happens before the advice can be applied. Instead, a failureHandler should be used in the formLogin DSL.

@marcusdacoregio marcusdacoregio added in: docs An issue in Documentation or samples type: bug A general bug labels Jun 26, 2024
@marcusdacoregio marcusdacoregio added this to the 6.3.2 milestone Jun 26, 2024
@marcusdacoregio marcusdacoregio self-assigned this Jun 26, 2024
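
One way to apply the `failureHandler` approach the issue describes, as an added example that is not code from the issue or from the Spring Security documentation. The class names `SecurityConfig` and `CompromisedPasswordFailureHandler` and the `/login?error` fallback URL are assumptions, and a `UserDetailsService` bean is assumed to be defined elsewhere in the application.

```java
import java.io.IOException;
import jakarta.servlet.ServletException;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.password.CompromisedPasswordChecker;
import org.springframework.security.authentication.password.CompromisedPasswordException;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.authentication.AuthenticationFailureHandler;
import org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler;
import org.springframework.security.web.authentication.password.HaveIBeenPwnedRestApiPasswordChecker;

@Configuration
@EnableWebSecurity
public class SecurityConfig { // hypothetical class name
    @Bean
    SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
        http.authorizeHttpRequests(authorize -> authorize
                // The user is still unauthenticated after the failure, so the reset page must be public.
                .requestMatchers("/reset-password").permitAll()
                .anyRequest().authenticated())
            // Runs inside the authentication filter, where the exception is actually thrown.
            .formLogin(login -> login.failureHandler(new CompromisedPasswordFailureHandler()));
        return http.build();
    }

    @Bean
    CompromisedPasswordChecker compromisedPasswordChecker() {
        return new HaveIBeenPwnedRestApiPasswordChecker();
    }

    // Hypothetical handler: compromised passwords go to the reset page, other failures to the login error page.
    static class CompromisedPasswordFailureHandler implements AuthenticationFailureHandler {
        private final AuthenticationFailureHandler resetRedirect =
                new SimpleUrlAuthenticationFailureHandler("/reset-password");
        private final AuthenticationFailureHandler loginError =
                new SimpleUrlAuthenticationFailureHandler("/login?error"); // assumed fallback URL

        @Override
        public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response,
                AuthenticationException exception) throws IOException, ServletException {
            AuthenticationFailureHandler delegate =
                    (exception instanceof CompromisedPasswordException) ? this.resetRedirect : this.loginError;
            delegate.onAuthenticationFailure(request, response, exception);
        }
    }
}
```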