40 - Spring Boot : How to customize Login Handlers using Spring Security? | Spring Security
#LoginHandlers #SpringSecurity #SpringBoot
#AuthenticationSuccessHandler
Strategy used to handle a successful user authentication.
Implementations can do whatever they want but typical behavior would be to control the navigation to the subsequent destination (using a redirect or a forward). For example, after a user has logged in by submitting a login form, the application needs to decide where they should be redirected to afterwards (see #AbstractAuthenticationProcessingFilter and subclasses). Other logic may also be included if required.
#AuthenticationFailureHandler
Strategy used to handle a failed #authentication attempt.
Typical behaviour might be to redirect the user to the authentication page (in the case of a form login) to allow them to try again. More sophisticated logic might be implemented depending on the type of the exception. For example, a #CredentialsExpiredException might cause a redirect to a web controller which allowed the user to change their password.
#LogoutSuccessHandler
Strategy that is called after a successful logout by the #LogoutFilter, to handle redirection or forwarding to the appropriate destination.
Note that the interface is almost the same as #LogoutHandler but may raise an exception. #LogoutHandler implementations expect to be invoked to perform necessary cleanup, so should not throw exceptions.
