在spring启动时REST API的身份验证失败时从Java类发送自定义JSON
我已经粘贴了上面代码的一部分。我还扩展了三个类,并将它们注入bean AuthenticationEntryPoint、SimpleRulAuthenticationFailureHandler、SimpleRulAuthenticationSuccessHandler,认为我可以扩展它们,并尝试在身份验证失败时获取自定义错误消息。我在restapi中得到了标准的springauth失败,它工作得很好,但是我想定义我自己的类,甚至在资源端点发挥作用之前,我想在auth层将其作为响应发送。就像我自己的自定义类和我自己的数据成员一样。目前,我得到了默认错误的情况下,错误的身份验证 {“timestamp”:1469955305299,“status”:401,“error”:“Unauthorized”,“message”:“Bad credentials”,“path”:“/secure/hello”} 这就是我用错误的pwd执行rest调用的方式在spring启动时REST API的身份验证失败时从Java类发送自定义JSON,java,spring-security,spring-boot,spring-restcontroller,spring-rest,Java,Spring Security,Spring Boot,Spring Restcontroller,Spring Rest,我已经粘贴了上面代码的一部分。我还扩展了三个类,并将它们注入bean AuthenticationEntryPoint、SimpleRulAuthenticationFailureHandler、SimpleRulAuthenticationSuccessHandler,认为我可以扩展它们,并尝试在身份验证失败时获取自定义错误消息。我在restapi中得到了标准的springauth失败,它工作得很好,但是我想定义我自己的类,甚至在资源端点发挥作用之前,我想在auth层将其作为响应发送。就像我自
@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class SecurityConfig extends WebSecurityConfigurerAdapter{
@Autowired
private RESTAuthenticationEntryPoint authenticationEntryPoint;
@Autowired
private RESTAuthenticationFailureHandler authenticationFailureHandler;
@Autowired
private RESTAuthenticationSuccessHandler authenticationSuccessHandler;
@Autowired
private UserDetailsService userDetailsService;
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.userDetailsService(userDetailsService).passwordEncoder(new BCryptPasswordEncoder());
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.sessionManagement()
.sessionCreationPolicy(SessionCreationPolicy.STATELESS)
.and()
.authorizeRequests()
.antMatchers("/hello").permitAll()
.antMatchers("/secure/hello").authenticated()
.and()
.httpBasic()
.realmName("KS TEST")
.and()
.csrf()
.disable();
http.exceptionHandling().authenticationEntryPoint(authenticationEntryPoint);
http.formLogin().successHandler(authenticationSuccessHandler);
http.formLogin().failureHandler(authenticationFailureHandler);
http.logout().logoutSuccessUrl("/");
}
@Override
@Bean
public AuthenticationManager authenticationManagerBean() throws Exception {
return super.authenticationManagerBean();
}
}
如果我给了正确的pwd,事情会按预期进行。然而,在一个错误的例子中,假设我想要一个可以填充的类,并在auth层成为json响应。有人能告诉我需要做什么吗
//REST API execution example
curl -v -u mickey:cheesee http://localhost:8080/secure/hello