zoukankan      html  css  js  c++  java
  • 异常类的妙用

    以往在使用异常时,只是知道通过异常类的构造方法设置一些出错信息,此外最多就是把引起该异常的原因通过Throwable类的子类一同设置进去。今天在分析springSecurity3.0.5的框架时,看到AuthenticationException这个异常类(用在验证时)的源码,发现这个异常类除了上述常见的用法外,还把Authentication(验证信息)的做为属性放到了异常类中,当验证出错时AuthenticationException抛出时,Authentication(验证信息)一同被抛出了,这样捕获异常的类就能得到更丰富的信息,有些数据还可以通过异常类返回给调用者。看了这样的代码,思路不由地开阔了不少。该类源码如下:

     1 package org.springframework.security.core;
    2
    3 /**
    4 * Abstract superclass for all exceptions related to an {@link Authentication} object being invalid for whatever
    5 * reason.
    6 *
    7 * @author Ben Alex
    8 */
    9 public abstract class AuthenticationException extends RuntimeException {
    10 //~ Instance fields ================================================================================================
    11
    12 private Authentication authentication;
    13 private Object extraInformation;
    14
    15 //~ Constructors ===================================================================================================
    16
    17 /**
    18 * Constructs an <code>AuthenticationException</code> with the specified message and root cause.
    19 *
    20 * @param msg the detail message
    21 * @param t the root cause
    22 */
    23 public AuthenticationException(String msg, Throwable t) {
    24 super(msg, t);
    25 }
    26
    27 /**
    28 * Constructs an <code>AuthenticationException</code> with the specified message and no root cause.
    29 *
    30 * @param msg the detail message
    31 */
    32 public AuthenticationException(String msg) {
    33 super(msg);
    34 }
    35
    36 public AuthenticationException(String msg, Object extraInformation) {
    37 super(msg);
    38 this.extraInformation = extraInformation;
    39 }
    40
    41 //~ Methods ========================================================================================================
    42
    43 /**
    44 * The authentication request which this exception corresponds to (may be <code>null</code>)
    45 */
    46 public Authentication getAuthentication() {
    47 return authentication;
    48 }
    49
    50 public void setAuthentication(Authentication authentication) {
    51 this.authentication = authentication;
    52 }
    53
    54 /**
    55 * Any additional information about the exception. Generally a <code>UserDetails</code> object.
    56 *
    57 * @return extra information or <code>null</code>
    58 */
    59 public Object getExtraInformation() {
    60 return extraInformation;
    61 }
    62
    63 public void clearExtraInformation() {
    64 this.extraInformation = null;
    65 }
    66 }

    下面是在AbstractAuthenticationManager类中被使用到的片断:

     public final Authentication authenticate(Authentication authRequest) throws AuthenticationException {
            try {
                return doAuthentication(authRequest);
            } catch (AuthenticationException e) {
                e.setAuthentication(authRequest);
    
                if (clearExtraInformation) {
                    e.clearExtraInformation();
                }
    
                throw e;
            }
        }
    

     通过上述两段源码可以看到,老外在写代码时考虑得很细,在异常类中加入了额外信息后,还提供了一个 clearExtraInformation()方法,用来清除额外信息。

  • 相关阅读:
    [BUUOJ记录] [强网杯 2019]随便注(三种方法)
    Content Security Policy (CSP)内容安全策略总结
    [HGAME Week2] Cosmos的博客后台
    [BUUOJ记录] [ACTF2020 新生赛]Include
    PHP弱类型hash比较缺陷
    CTF常见源码泄漏总结
    Sqlmap Tamper绕过脚本详解
    Golden Pyramid
    Prime Palindrome Golf
    Min and Max
  • 原文地址:https://www.cnblogs.com/hzhuxin/p/2285101.html
Copyright © 2011-2022 走看看