Hi! I've implemented few security constraints with Spring-security in our project. This is working as intended but when a session replaces another one (I mean, one user logs in with X credentials while other is in the same account with the same credentials) an alert-type of message is displayed. After checking in the console, the actual error is due my security implementation.
What I would like to do is to edit the message displayed in the client, as our users are far from being 'techy' and I can imagine them being scared for "Being yelled at 'JSON'". This scenario actually shouldn't happen but better be safe.
So, do I have access to this popup? It seems that is Javascript generated, as it uses ZKs style (Sliding down from the top of the screen).
Have a nice day!
EDIT:
By "Javascript genereted" I meant that this element is generated on event, not that is a Javascript alert. It has 'z-error' class.
EDIT 2: Added image of this message.
Yes these kind of client side errors occur when a security filter redirects (HTTP 302) after every failure. However redirecting a request that expects JSON as a response to a Login page that returns HTML doesn't make sense even technically. So changing the error message would be last 'hack' in case there's no other way to deal with this situation in a better way. For Ajax requests 401 error (instead of a 302) would be more correct + it can be properly handled at client side.
This is quite a lengthy topic so here the recordings of the recent public training sessions on this topic - with detailed explanations/alternatives and workarounds in case there's no other option.
Asked: 2021-01-24 00:14:24 +0800
Seen: 5 times
Last updated: Jan 26
Tags
People
Badges
Help
I increased your karma so you can upload images
cor3000 ( 2021-01-25 17:06:37 +0800 )edit