【问题标题】:Extending spring security loadByUsername httpStatusCode扩展spring security loadByUsername httpStatusCode
【发布时间】:2020-02-07 19:25:17
【问题描述】:

您好,我正在强制解决与 spring security UserDetailsS​​ervice 方法的扩展功能相关的问题。此方法默认抛出 UsernameNotFoundException,状态码为 400(错误请求)

    override fun loadUserByUsername(username: Username): UserDetails {
        if(loginAttemptService.isBlocked(username))
            throw TooManyInvalidLoginRequestException()
        val user = repository.findByEmail(username.toLowerCase())
            ?: repository.findByUsername(username)
            ?: throw AuthenticationUserNotFound()
        return CustomUserDetails(user)
    }

class TooManyInvalidLoginRequestException : ServiceException(TOO_MANY_REQUESTS, EMAIL_BLOCKED_TOO_MANY_INVALID_LOGIN_REQUEST)

如果我尝试抛出由我自己定义的异常,该异常抛出另一个状态代码,那么它会用我的消息覆盖为 401。 您知道如何防止这种情况发生吗?

【问题讨论】:

    标签: spring-boot kotlin spring-security spring-security-oauth2


    【解决方案1】:

    您可以使用 Spring 的 @RestControllerAdvice 注解创建一个全局异常控制器,例如:

    import org.springframework.http.HttpStatus
    import org.springframework.http.ResponseEntity
    import org.springframework.web.bind.annotation.ExceptionHandler
    import org.springframework.web.bind.annotation.RestControllerAdvice
    
    data class ErrorResponseDto(erroCode: Int, message: String)
    
    @RestControllerAdvice
    class GlobalExceptionController {
        @ExceptionHandler(TooManyInvalidLoginRequestException.class)
        fun handleCaseOne(e: TooManyInvalidLoginRequestException): ResponseEntity<ErrorResponseDto> {
            val errorResponseDto = ErrorResponseDto(101, e.getMessage())
            ResponseEntity<>(errorResponseDto, HttpStatus.BAD_REQUEST)
        }
    
        @ExceptionHandler(SomeOtherException.class)
        fun handleCaseTwo(e: SomeOtherException): ResponseEntity<ErrorResponseDto> {
            val errorResponseDto = ErrorResponseDto(102, e.getMessage())
            ResponseEntity<>(errorResponseDto, HttpStatus.INTERNAL_SERVER_ERROR)
        }
    }
    

    这可能有一些 Kotlin 错误,这是从 Java 代码移植而来的。

    【讨论】:

    • UserDetailsS​​ervice loadUserByUsername 扩展默认抛出 UsernameNotFoundException
    猜你喜欢
    • 2021-08-27
    • 1970-01-01
    • 2015-08-27
    • 2020-05-31
    • 1970-01-01
    • 2015-07-30
    • 2013-04-16
    • 2014-10-14
    • 1970-01-01
    相关资源
    最近更新 更多