Configure the authentication entry point to handle the failed authentication. When the credentials aren't authorized, this class is mainly responsible for sending the response.
Here's the code of an authentication entry point class named AuthenticationEntryPoint.kt:
@Component
class AuthenticationEntryPoint : BasicAuthenticationEntryPoint() {
@Throws(IOException::class, ServletException::class)
override fun commence(request: HttpServletRequest,
response: HttpServletResponse,
authEx: AuthenticationException) {
response.addHeader("WWW-Authenticate", "Basic realm=$realmName")
response.status = HttpServletResponse.SC_UNAUTHORIZED
val writer = response.writer
writer.println("HTTP Status 401 - " + authEx.message)
}
@Throws(Exception::class)
override fun afterPropertiesSet() {
realmName = "packtpub ssbasicauth"
super.afterPropertiesSet()
}
}
Here, we've extended BasicAuthenticationEntryPoint(). This will return a full description of a 401 Unauthorized response to the client.
401 Unauthorized Error is an HTTP response status code. This indicates that the request sent by the client couldn't be authenticated.