Spring Boot,自定义身份验证处理程序和Angular 5
[英]Spring boot, custom auth handler and Angular 5
问题描述
我的其余申请存在下一个问题。 我的后端带有自定义身份验证处理程序
public class AutorizacionFilter extends OncePerRequestFilter {
@Autowired
UsuariosService usuarioService;
@Override
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain)
throws ServletException, IOException {
String dominio = ((HttpServletRequest) request).getRequestURI();
if ("OPTIONS".equalsIgnoreCase(request.getMethod())) {
filterChain.doFilter(request, response);
} else if (dominio.startsWith("/api/login") || dominio.startsWith("/api/usuarios")) {
filterChain.doFilter(request, response);
} else {
String token = request.getHeader ("Authorization");
if (token == null || !usuarioService.validarSesion(token)) {
((HttpServletResponse) response).sendError(HttpServletResponse.SC_UNAUTHORIZED, "your message goes here");
return;
}
filterChain.doFilter(request, response);
}
}
在我用Angular 5创建的网页中,我有一个拦截器来捕获401状态码
@Injectable()
export class AuthHttpInterceptor implements HttpInterceptor {
intercept(
req: HttpRequest<any>,
next: HttpHandler
): Observable<HttpEvent<any>> {
if (!req.headers.has("Content-Type")) {
req = req.clone({
headers: req.headers.set("Content-Type", "application/json")
});
}
req = req.clone({ headers: req.headers.set("Accept", "application/json") });
console.log(JSON.stringify(req.headers));
return next.handle(req).do(
(event: HttpEvent<any>) => {
if (event instanceof HttpResponse) {
console.log("Autorizacion OK!");
console.log("Code: " + event.status);
}
},
(err: HttpErrorResponse) => {
if (err.error instanceof Error) {
console.log("An error occurred:", err.error.message);
} else {
console.log(
`Backend returned code ${err.status}, body was: ${err.message}`
);
}
}
);}}
当代币到期时,拦截器无法解析答案,并给我这个错误
针对(未知网址)的Http错误响应:0未知错误
我有很多关于httpClient响应为空的问题的阅读资料,但我无法理解如何解决/找到解决方法。
任何人都可以伸出援助之手来理解这个问题。
谢谢
1 个解决方案
解决方案1
0 已采纳 2018-01-21 04:40:02
感谢@Asura的回答,我设置了响应头并解决了问题。 这是代码。
if (token == null || !usuarioService.validarSesion(token)) {
((HttpServletResponse) response).setHeader("Access-Control-Allow-Origin", "*");
((HttpServletResponse) response).setHeader("Access-Control-Allow-Methods", "GET, POST, DELETE, PUT, OPTIONS, HEAD");
((HttpServletResponse) response).setStatus(HttpServletResponse.SC_UNAUTHORIZED);
return;
}
Spring Boot 从异常处理程序返回 401 状态的自定义对象
[英]Spring Boot Returning 401 Statused Custom Object From Exception Handler
Java Spring 启动自定义异常处理程序抛出 controller
[英]Java Spring Boot Custom Exception Handler thrown out of controller
GlobalMethodSecurityConfiguration is deprecated in spring boot 3,如何在3中创建Custom Expresion handler?
[英]GlobalMethodSecurityConfiguration is deprecated in spring boot 3, how to create Custom Expresion handler in 3?
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.
相关问题
Spring Boot-自定义异常处理程序
Spring 具有自定义身份验证和 session 存储的引导安全性
Spring Boot 从异常处理程序返回 401 状态的自定义对象
Java Spring 启动自定义异常处理程序抛出 controller
GlobalMethodSecurityConfiguration is deprecated in spring boot 3,如何在3中创建Custom Expresion handler?
Spring boot Ambiguous handler
Spring Boot JWT身份验证
Spring Boot中的异常处理程序不起作用?
Spring Boot LDAP Auth NameNotFoundException
Spring Boot Admin - 基本身份验证
相关标签