@EnableZuulProxy+ @EnableOAuth2Sso + AuthenticationFailureHandler

Question

How can I intercept authentication failures when using @EnableZuulProxy + @EnableOAuth2Sso annotations?

I have an authorization server that authenticates the users against a Microsoft Active Directory server. As I could tell, in Spring Cloud the processes goes like this:

1. The user tries to access an Angular client through a Zuul proxy server
2. The Zuul server checks for the authorization against an authorization server
3. The authorization server, in turn, validates the user credentials against a Microsoft Active Directory server and, if necessary, a login page is shown to the user
4. The user types in the username and password
5. Eventualy, the user's password is expired, and the Microsoft AD answers to the autorization server denying the authentication with a "data 733" code in the error message
6. The authorization server sends the authentication error to Zuul server which, in turn, asks for the login page again with a query parameter (/login?error)

What I want to do is change the query parameter in step 6, to something like /login?error_expired, so I can show a message to the user, telling him that he must update his password before going on.

Thanks in advance for any help.

Answer 1

At last I found out that I was wrong about some assumptions. I had just to intercept a failed authentication attempt in the authorization server itself, using regular Spring Security techniques.