java - Spring authenticationEntryPoint wont show default Spring Session Defaul Forms (404 error)

Question

I have a Spting boot app 2.4.2. I seted up java secuity login form with no problems.

Now I want to my AJAX request to get an error instead of a redirection if the session is lost.

I added a authenticationEntryPoint to the WebSecurityConfigurerAdapter and seems to work as expected. The problem is that i no longer can get the default login and logout forms to display. I get a 404 error.

My secuirty config

@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
    
    @Autowired
    private MyLogoutSuccessHandler myLogoutSuccessHandler;
        
    protected void configure(final HttpSecurity http) throws Exception {
        
        http.authorizeRequests()
        .antMatchers("/login**").permitAll()
        .antMatchers("/api/**").permitAll()
        .antMatchers("/css/**").permitAll()
        .anyRequest().authenticated()
        
        .and().formLogin().defaultSuccessUrl("/checador")
        .and().logout().logoutSuccessHandler(myLogoutSuccessHandler)
        .and() 
            .exceptionHandling().
             authenticationEntryPoint(new AjaxAwareAuthenticationEntryPoint("/login"))
        ;
        
           
           
    }

This is my LoginUrlAuthenticationEntryPoint class

@Slf4j
public class AjaxAwareAuthenticationEntryPoint extends LoginUrlAuthenticationEntryPoint     
{
  
    public AjaxAwareAuthenticationEntryPoint(String loginFormUrl) {
        super(loginFormUrl);
    }

    
    public void commence(
        HttpServletRequest request,
        HttpServletResponse response,
        AuthenticationException authException)
        throws IOException, ServletException {
        String ajaxHeader = ((HttpServletRequest) request).getHeader("X-Requested-With");
        boolean isAjax = "XMLHttpRequest".equals(ajaxHeader);
        if (isAjax) {           
            response.sendError(HttpServletResponse.SC_FORBIDDEN, "Ajax REquest Denied (Session Expired)");
        } else {
            super.commence(request, response, authException);
       }
    }
}

With this i get a "There was an unexpected error (type=Not Found, status=404)." If i comment authenticationEntryPoint i will see my default java security session login form.

How can in enable it?

Thanks

question from:https://stackoverflow.com/questions/66052074/spring-authenticationentrypoint-wont-show-default-spring-session-defaul-forms-4

Answer 1

Waitting for answers