CAS 数据库校验

1. UnknownUsernameAuthenticationException --> BadUsernameOrPasswordAuthenticationException --> BadCredentialsAuthenticationException --> AuthenticationException -->

  Exception

2. AuthenticationManagerImpl类

    调用authenticateAndObtainPrincipal先检查是否支持credentials，

    然后authenticationHandler.authenticate(credentials)，

    然后doAuthentication(credentials) ，

    然后authenticateUsernamePasswordInternal((UsernamePasswordCredentials) credentials)，

    然后QueryDatabaseAuthenticationHandler调用，authenticateUsernamePasswordInternal验证数据库

3. 抛出BadCredentialsAuthenticationException.ERROR异常

    

    /**     * @throws IllegalArgumentException     *             if the ServiceTicketId or the Credentials are null.     */    @Audit(action = "PROXY_GRANTING_TICKET",            actionResolverName = "GRANT_PROXY_GRANTING_TICKET_RESOLVER",            resourceResolverName = "GRANT_PROXY_GRANTING_TICKET_RESOURCE_RESOLVER")    @Profiled(tag = "GRANT_PROXY_GRANTING_TICKET", logFailuresSeparately = false)    @Transactional(readOnly = false)    public String delegateTicketGrantingTicket(final String serviceTicketId,            final Credentials credentials) throws TicketException

    转化为AuthenticationException e，

    转化为TicketCreationException(e)

4. CaptchaAuthenticationViaFormAction类

    

        try {            WebUtils.putTicketGrantingTicketInRequestScope(context, this.centralAuthenticationService.createTicketGrantingTicket(credentials));            putWarnCookieIfRequestParameterPresent(context);            return "success";        } catch (final TicketException e) {            populateErrorsInstance(e, messageContext);            return "error";        }

     捕获异常，进入populateErrorsInstance(e, messageContext);

     

    private void populateErrorsInstance(final TicketException e, final MessageContext messageContext) {        try {            messageContext.addMessage(new MessageBuilder().error().code(e.getCode()).defaultText(e.getCode()).build());        } catch (final Exception fe) {            logger.error(fe.getMessage(), fe);        }    }

       通过MessageContext，Spring的机制输出到页面<form:form errors/>