我正在使用Spring Boot REST应用程序。
我注册了一个自定义AuthenticationEntryPoint,如果用户不提供凭据,则返回401 Unauthorized错误。
@Component
public class CustomAuthenticationEntryPoint implements AuthenticationEntryPoint {
@Override
public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authException) throws IOException {
response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Unauthorized");
}
}
这很好用,并返回如下所示的JSON格式的DefaultErrorAttributes:
{
"timestamp": 1465230610451,
"status": 401,
"error": "Unauthorized",
"exception": "org.springframework.security.authentication.BadCredentialsException",
"message": "Unauthorized",
"path": "/webapp/login"
}
现在,我已使用以下Filter覆盖将doFilter()添加到应用程序:
@ Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)throws IOException, ServletException {
try {
// Here be some code that fails.
} catch (Exception e) {
HttpServletResponse httpServletResponse = (HttpServletResponse) response;
httpServletResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Unauthorized");
}
chain.doFilter(request, response);
}
但是,此代码返回默认的Tomcat“错误报告” HTML页面,而不是上面显示的JSON格式的DefaultErrorAttributes。
为什么会发生这种情况?在两种情况下使两种错误消息保持一致(JSON格式)的最佳方法是什么?
原始链接http://teknosrc.com/java-break-filter-chain-return-custom-pojo-response-servlet/
public class TestFilter implements Filter {
@Override
public void init(FilterConfig filterConfig) throws ServletException {
}
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException,ServletException {
if(ANY CONDITION){
//ANY POJO CLASS
// ErrorResponse is a public return object that you define yourself
ErrorResponse errorResponse = new ErrorResponse();
errorResponse.setCode(401);
errorResponse.setMessage("Unauthorized Access");
byte[] responseToSend = restResponseBytes(errorResponse);
((HttpServletResponse) response).setHeader("Content-Type", "application/json");
((HttpServletResponse) response).setStatus(401);
response.getOutputStream().write(responseToSend);
return;
}
//ANY OTHER BUSINESS LOGIC
chain.doFilter(request, response);
}
@Override
public void destroy() {
}
private byte[] restResponseBytes(ErrorResponse eErrorResponse) throws IOException {
String serialized = new ObjectMapper().writeValueAsString(eErrorResponse);
return serialized.getBytes();
} }