Java jaxrs-拦截器返回状态为500时抛出错误
我使用jax-rs编写bulid rest api。为了处理身份验证,我使用拦截器。当身份验证失败时,我返回WebApplicationException,如下所示:Java jaxrs-拦截器返回状态为500时抛出错误,java,authentication,jax-rs,httpresponse,Java,Authentication,Jax Rs,Httpresponse,我使用jax-rs编写bulid rest api。为了处理身份验证,我使用拦截器。当身份验证失败时,我返回WebApplicationException,如下所示: try { Authentication authentication = authenticationManager .authenticate(new UsernamePasswordAuthenticationToken(policy.getUserName()
try
{
Authentication authentication = authenticationManager
.authenticate(new UsernamePasswordAuthenticationToken(policy.getUserName(), policy.getPassword()));
SecurityContext securityContext = SecurityContextHolder.getContext();
securityContext.setAuthentication(authentication);
}
catch (AuthenticationServiceException | BadCredentialsException e)
{
throw new WebApplicationException(Response.Status.UNAUTHORIZED); //TODO set response status
}
但它返回的是startus 500,而不是401
当我在服务中抛出WebApplicationException时,它返回我设置的状态,但在拦截器中它不起作用。如何从拦截器返回401
jaxrs:服务器配置:
<jaxrs:server id="restService" address="/rest">
<jaxrs:serviceBeans>
<ref bean="serviceBean"/>
</jaxrs:serviceBeans>
<jaxrs:inInterceptors>
<ref bean="securityInterceptor"/>
</jaxrs:inInterceptors>
</jaxrs:server>
<bean id="serviceBean" class="some_package.CustomerService"/>
<bean id="securityInterceptor" class="some_package.AuthenticatorInterceptor"/>
您的拦截器在调用JAX-RS资源之前被调用,这意味着它还不知道JAX-RS设置
我会使用一个
exceptionapper
来转换为一个合适的响应,不管它从哪里抛出。我不确定,但对于身份验证,您可能应该使用过滤器而不是拦截器。@mkrakhin我尝试使用过滤器,但版本1.1.1中有jsr311 api,它不起作用,无法升级到最新版本。您对此有答案吗?我使用注释@Provider创建映射器,将配置添加到xml,添加到jaxrs:server的提供者列表中,但当我抛出异常时,他不会触发。jersey版本1如何*
import javax.ws.rs.container.ContainerRequestContext;
import javax.ws.rs.container.ContainerRequestFilter;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.Response.Status;
import javax.ws.rs.ext.Provider;
@Provider
public class Example implements ContainerRequestFilter {
@Override
public void filter(ContainerRequestContext requestContext) {
requestContext.abortWith(Response.status(Status.UNAUTHORIZED).build());
}
}