问题描述

我正在使用Spring Boot将.war文件部署到external Tomcat Server.

I am using Spring Boot to deploy a .war file to an external Tomcat Server.

我正在使用Ajax/Restful身份验证，并且具有以下处理身份验证失败的类:

I am using Ajax/Restful authentication and I have the following class that handles authentication failure:

@Override
public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response,
                                        AuthenticationException exception) throws IOException, ServletException {

        response.sendError(HttpServletResponse.SC_UNAUTHORIZED, exception.getMessage());
}

当我使用嵌入式Tomcat服务器时，一切顺利，并且在身份验证失败时，我得到以下JSON:

When I'm using the embedded Tomcat server, all goes well and upon authentication failure I get the following JSON:

{
  "timestamp" : "2015-12-14T15:39:07.365+0000",
  "status" : 401,
  "error" : "Unauthorized",
  "message" : "You have provided wrong credentials",
  "path" : "/api/authentication"
}

但是，当使用External Tomcat Server时，我得到一个HTML响应，该响应会带来通常的Tomcat失败的身份验证页面.有什么方法可以绕过外部服务器吗?

However, when using an External Tomcat Server I get an HTML response which brings the usual Tomcat failed authentication page. Is there any way to bypass this for the External Server?

推荐答案

解决方案就是不使用sendError()并提供状态代码并提供自定义的异常序列化:

Solution was simply to not use sendError() and to provide a status code and to provide a custom exception serialization:

@Service
public class AjaxAuthenticationFailureHandler
        extends SimpleUrlAuthenticationFailureHandler {

    @Autowired
    private ObjectMapper objectMapper;

    @Override
    public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response,
            AuthenticationException exception) throws IOException, ServletException {
        response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
        response.getWriter().write(objectMapper.writeValueAsString(exception));
        response.getWriter().flush();
    }


}

这篇关于Spring Boot-外部Tomcat Server Ajax身份验证失败消息的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！