SpringSecurity权限认证(二)
当未登陆或者token失效时访问接口时,自定的返回结果
当用户未登录时,不希望返回错误信息,而返回自定义结果时,就需要自行进行配置,在SecurityConfig进行配置。
@Autowired
private RestAuthorizationEntryPoint restAuthorizationEntryPoint;
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests()
.antMatchers("/login")
.permitAll()
.anyRequest()
.authenticated()
.and()
.headers()
.cacheControl();
http.csrf().disable();
//添加自定义未授权和未登录结果返回
http.exceptionHandling()
.authenticationEntryPoint(restAuthorizationEntryPoint);
}
创建RestAuthorizationEntryPoint 实现 AuthenticationEntryPoint接口
package com.bep.server.config.security;
import com.bep.server.pojo.Result;
import com.fasterxml.jackson.databind.ObjectMapper;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.AuthenticationEntryPoint;
import org.springframework.stereotype.Component;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.PrintWriter;
/**
* 当未登陆或者token失效时访问接口时,自定的返回结果
*/
@Component
public class RestAuthorizationEntryPoint implements AuthenticationEntryPoint {
@Override
public void commence(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationException e) throws IOException {
httpServletResponse.setCharacterEncoding("UTF-8");
httpServletResponse.setContentType("application/json");
PrintWriter out = httpServletResponse.getWriter();
Result bean = Result.fail("未登录");
bean.setCode(401);
out.write(new ObjectMapper().writeValueAsString(bean));
out.flush();
out.close();
}
}
Result是自定义的一个返回结果类
package com.bep.server.pojo;
import io.swagger.annotations.ApiModel;
import lombok.AllArgsConstructor;
import lombok.Data;
import lombok.EqualsAndHashCode;
import lombok.NoArgsConstructor;
import lombok.experimental.Accessors;
@Data
@EqualsAndHashCode(callSuper = false)
@Accessors(chain = true)
@ApiModel(value="统一返回对象", description="")
@AllArgsConstructor
@NoArgsConstructor
public class Result {
private int code;
private String msg;
private Object obj;
/**
* 成功返回
* @param msg
* @return
*/
public static Result success(String msg){
return new Result(200, msg, null);
}
/**
* 成功返回
* @param msg
* @param obj
* @return
*/
public static Result success(String msg, Object obj){
return new Result(200, msg, obj);
}
/**
* 失败返回
* @param msg
* @return
*/
public static Result fail(String msg){
return new Result(500, msg, null);
}
/**
* 返回
* @param msg
* @param obj
* @return
*/
public static Result fail(String msg, Object obj){
return new Result(500, msg, obj);
}
}
当访问/test1时
[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-hg8dAien-1635311945565)(SpringSecurity权限认证(二)].assets/image-20211027131102175.png)
0, msg, obj);
}
}
当访问/test1时
![在这里插入图片描述](https://img-blog.csdnimg.cn/e86eae52aad14426bf37976b63f63597.png#pic_center)