[英]Change response status onUnsuccessfulAuthentication
The whole purpose of this is to have a different error message on the frontend when the user is blocked, a different message when the username is not found and when the password is incorrect.这样做的全部目的是在用户被阻止时在前端显示不同的错误消息,在未找到用户名和密码不正确时显示不同的消息。
public class CustomAuthenticationFilter extends UsernamePasswordAuthenticationFilter {
@Override
public void unsuccessfulAuthentication(HttpServletRequest request, HttpServletResponse response,
AuthenticationException exception) throws IOException, ServletException {
if (exception.getMessage().contains("404")) {
response.sendError(HttpServletResponse.SC_NOT_FOUND);
} else if (exception.getMessage().contains("disabled")) {
response.sendError(HttpServletResponse.SC_CONFLICT);
response.setStatus(HttpServletResponse.SC_CONFLICT);
response.setHeader("test", "test");
}
super.unsuccessfulAuthentication(request, response, exception);
}
}
I am trying to change the response error status based on the message of the exception.我正在尝试根据异常消息更改响应错误状态。
This class extends the UsernamePasswordAuthenticationFilter
and overrides the unsuccessfulAuthentication
method.此类扩展
UsernamePasswordAuthenticationFilter
并覆盖unsuccessfulAuthentication
方法。 The unsuccessfulAuthentication
method is called each time the authentication is unsuccessful.每次身份验证不成功时都会调用
unsuccessfulAuthentication
方法。
Even though the response status is set to eg conflict, the browser receives 403 unauthorized error.即使响应状态设置为例如冲突,浏览器也会收到 403 未授权错误。
I don't seem to be able to modify the response status and message/output in any way.我似乎无法以任何方式修改响应状态和消息/输出。
What kind of solution would you recommend to solve this issue?你会推荐什么样的解决方案来解决这个问题?
我想通了,我需要在方法结束之前加上“return”关键字。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.