Permalink
Fetching contributors…
Cannot retrieve contributors at this time
36 lines (26 sloc) 1.1 KB

Error Handling

{project_name} has some error handling facilities for servlet based client adapters. When an error is encountered in authentication, {project_name} will call HttpServletResponse.sendError(). You can set up an error-page within your web.xml file to handle the error however you want. {project_name} can throw 400, 401, 403, and 500 errors.

<error-page>
    <error-code>403</error-code>
    <location>/ErrorHandler</location>
</error-page>

{project_name} also sets a HttpServletRequest attribute that you can retrieve. The attribute name is org.keycloak.adapters.spi.AuthenticationError, which should be casted to org.keycloak.adapters.OIDCAuthenticationError.

For example:

import org.keycloak.adapters.OIDCAuthenticationError;
import org.keycloak.adapters.OIDCAuthenticationError.Reason;
...

OIDCAuthenticationError error = (OIDCAuthenticationError) httpServletRequest
    .getAttribute('org.keycloak.adapters.spi.AuthenticationError');

Reason reason = error.getReason();
System.out.println(reason.name());