[英]Execute GenericFilterBean only on response with Spring boot 2.0.0
[英]spring boot GenericFilterBean , filter return error code & response header at client side
我有一个过滤器
package com.vs.security.filter;
import org.springframework.stereotype.Component;
import org.springframework.web.filter.GenericFilterBean;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
@Component
public class TokenFilter extends GenericFilterBean {
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
HttpServletRequest httpRequest = asHttp(servletRequest);
HttpServletResponse httpResponse = asHttp(servletResponse);
boolean explicitlyTrue = true;
if (explicitlyTrue) {
httpResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Provided Information is Invalid");
httpResponse.addHeader("SC_UNAUTHORIZED", "Provided Information is Invalid");
return;
}
filterChain.doFilter(servletRequest, servletResponse);
}
private HttpServletRequest asHttp(ServletRequest request) {
return (HttpServletRequest) request;
}
private HttpServletResponse asHttp(ServletResponse response) {
return (HttpServletResponse) response;
}
}
我对 vuejs 的要求
form () {
debugger
this.$axios.get(this.$dbServer+this.endpoint+'form')
.then((res) => {
debugger
this.fd = res.data.fd;
}).catch(() => { this.notifyOnFailure(this.oopsMessage) })
}
因为我已经发送SC_UNAUTHORIZED = 401
,但在客户端,我无法获得这个 401。我什至在浏览器检查中看到网络选项卡(如下)。 此外,我还添加了标题。 但无法在客户端获取此标头值。
Request URL: http://********:8081/*******/form
Referrer Policy: no-referrer-when-downgrade
Content-Type: application/json
Date: Sun, 15 Mar 2020 06:29:00 GMT
Transfer-Encoding: chunked
Accept: application/json, text/plain, */*
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Connection: keep-alive
Host: localhost:8081
Origin: http://*******:8080
Referer: http://*******:8080/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko)
Chrome/80.0.3987.132 Safari/537.36
您必须交换sendError
和addHeader
调用的顺序
@Bean
GenericFilterBean genericFilterBean() {
return new GenericFilterBean() {
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
HttpServletResponse resp = ((HttpServletResponse) response);
resp.addHeader("SC_UNAUTHORIZED", "Provided Information is Invalid");
resp.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Provided Information is Invalid");
}
};
}
结果:
HTTP/1.1 401
SC_UNAUTHORIZED: Provided Information is Invalid
Content-Type: text/html;charset=UTF-8
Content-Language: en-US
Content-Length: 320
Date: Sun, 15 Mar 2020 06:47:10 GMT
Keep-Alive: timeout=60
Connection: keep-alive
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.