Fatal编程技术网
  • java/
  • Java Spring-处理拒绝访问异常

Java Spring-处理拒绝访问异常

java spring spring-mvc spring-security

Java Spring-处理拒绝访问异常,java,spring,spring-mvc,spring-security,Java,Spring,Spring Mvc,Spring Security,在我的应用程序中,我想处理AccessDeniedException并返回Json内容作为响应。有人能解释一下怎么做吗?我找不到答案。我试图使用@ExceptionHandler捕获异常,但我总是重定向到登录页面。我只编写api,所以不需要整个mvc 有什么想法吗?您可以引入一个能够将AccessDeniedException转换为JSON响应的: import com.fasterxml.jackson.databind.ObjectMapper; import org.springframe

在我的应用程序中,我想处理AccessDeniedException并返回Json内容作为响应。有人能解释一下怎么做吗?我找不到答案。我试图使用@ExceptionHandler捕获异常,但我总是重定向到登录页面。我只编写api,所以不需要整个mvc

有什么想法吗?

您可以引入一个能够将AccessDeniedException转换为JSON响应的:

import com.fasterxml.jackson.databind.ObjectMapper;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.MediaType;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.stereotype.Component;
import org.springframework.web.servlet.HandlerExceptionResolver;
import org.springframework.web.servlet.ModelAndView;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.util.HashMap;
import java.util.Map;

@Component("handlerExceptionResolver")
public class RestExceptionResolver implements HandlerExceptionResolver {
    private final ObjectMapper objectMapper;

    @Autowired
    public RestExceptionResolver(ObjectMapper objectMapper) {
        this.objectMapper = objectMapper;
    }

    @Override
    public ModelAndView resolveException(HttpServletRequest request, HttpServletResponse response, Object object, Exception exception) {
        if (exception instanceof AccessDeniedException) {
            try {
                //you can use a pojo instead of a map too
                Map<String, Object> data = new HashMap<String, Object>();
                data.put("status", HttpServletResponse.SC_FORBIDDEN);
                data.put("message", "my custom message");

                response.setStatus(HttpServletResponse.SC_FORBIDDEN);
                response.setContentType(MediaType.APPLICATION_JSON_VALUE);

                objectMapper.writeValue(response.getOutputStream(), data);

                //exception handled
                return new ModelAndView();
            } catch (Exception e) {
                throw new RuntimeException(e.getMessage(), e);
            }
        }

        //default processing
        return null;
    }
}
我是否需要在配置中的某个位置添加此选项?这取决于您的配置类型xml、注释驱动或java配置。我假设您正在使用注释驱动的依赖项注入,然后通过@ComponenthandlerExceptionResolver注释设置每个。在基于xml的配置中,您必须手动声明这个bean。