Skip to main content
S
seanccc17-Peridot
17-Peridot
March 1, 2021
Question

How to redirect to an error page if failed in a custom authenticator ?

  • March 1, 2021
  • 1 reply
  • 3592 views

Hi, 

I created a customized authenticator and it throws AuthenticatorException exception if fail to authenticate.  The exception does block the login, but the browser displays a blank page.   I also tried to set the request status to 401, but no difference. 

 

I expected the browser can redirect to a general login error page with the error message of the AuthenticatorException,   it this a out-of-box feature in Thingworx ?  

 

Regards,

Sean

 

 

1 reply

S
slangleyCommunity Manager
Community Manager
March 5, 2021

Hi @seanccc.

 

There is an authentication method called issueAuthenticationChallenge that will allow you to set up a failure condition.  This will allow you to redirect, log an error, throw up another login, etc., but I'm not able to find a lot of information on it.  I am reaching out to our internal teams to get more information.  You might want to play around with this method in the meantime and pass along any questions.

 

Regards.

 

--Sharon

S
seanccc17-PeridotAuthor
17-Peridot
March 7, 2021

@slangley ,

 

Sorry, I clicked "Accept as Solution" by mistake, could you rollback the status of the post ? 

 

I tried throw AuthenticatorException, but the server just response with http code 401 and the browser's login prompt get displayed instead of user friendly error page .  

 

Regards,

Sean

 

S
seanccc17-PeridotAuthor
17-Peridot
March 7, 2021

@slangley ,

 

The following code is what I called in the method issueAuthenticationChallenge: 

AuthenticatorException authenticatorException =
 new AuthenticatorException(
 new InvalidRequestException(exceptionMsg, StatusCode.STATUS_UNAUTHORIZED));
authenticatorException.setAuthenticationType(AuthenticationType.AUTH_THINGWORX_FORM);

throw authenticatorException;

 I notice that the web.xml has error-page for code 401 configured,  but I have no idea why it's not captured . 

 

one of the possible reason would be the response has to set  " httpResponse.addHeader("WWW-Authenticate", "Basic realm=realm"); "

http://www.axlrosen.net/stuff/401.html(https://bz.apache.org/bugzilla/show_bug.cgi?id=13430)

but I found the response does has the setting ,  any more idea ? 

 

seanccc_0-1615130748657.png

 

Regards,

Sean

 

Terms & ConditionsCookie settingsAccessibility statement