程序中配置的全局异常处理(例如 @ControllerAdvice)捕获不到 AuthenticationProvider 抛出的异常:认证发生在 Spring Security 的过滤器链中,请求此时还没有进入控制器,异常不会经过全局异常处理。前后端分离后,前端收到的就不是可用的异常信息,那这个时候应该怎么处理异常呢?
1. 继承 BasicAuthenticationEntryPoint 类,重写 commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authEx) 方法,在其中直接把 JSON 格式的错误信息写入响应:
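/**
 * Entry point that answers a failed HTTP Basic authentication with a small JSON body, so a
 * separately deployed frontend receives a parseable error instead of the default response.
 *
 * <p>The body always carries {@code code}, {@code status} and {@code message}. When the
 * exception message has the form {@code status:message}, the two parts are passed through;
 * any other message produces a fixed generic body.
 *
 * <p>This override does not call {@code super.commence(...)} and does not set a
 * {@code WWW-Authenticate} header, so the response is a bare 401 with JSON.
 *
 * <p>NOTE(review): the entry point only takes effect once it is registered with the security
 * configuration (for example via {@code httpBasic().authenticationEntryPoint(...)}); that
 * wiring is not shown here.
 */
@Component
@Slf4j
public class KstBasicAuthenticationEntryPoint extends BasicAuthenticationEntryPoint {

    /**
     * Serializer shared by all requests instead of being allocated on every 401 response.
     * Jackson's ObjectMapper is safe to share across threads as long as it is not reconfigured.
     */
    private static final ObjectMapper OBJECT_MAPPER = new ObjectMapper();

    /**
     * Writes a 401 response with a JSON error body for the given authentication failure.
     *
     * @param request  the request that failed authentication (not read here)
     * @param response the response that receives status 401 and the JSON body
     * @param authEx   the failure; its message is split on {@code ':'} into status and message
     * @throws IOException      if the response writer cannot be obtained or serialization fails
     * @throws ServletException declared by the overridden method; not thrown by this body
     */
    @Override
    public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authEx)
            throws IOException, ServletException {
        response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
        response.setCharacterEncoding("UTF-8");
        response.setContentType("application/json; charset=utf-8");
        PrintWriter writer = response.getWriter();

        // A null message becomes "" so the split never sees null.
        String[] errMsg = StringUtils.split(StringUtils.defaultString(authEx.getMessage()), ":");

        // NOTE(review): every failed login is logged at ERROR with a full stack trace; on an
        // exposed endpoint this can flood the log. Consider a lower level or rate limiting.
        log.error("用户authentication认证异常:", authEx);

        Map<String, String> map = new HashMap<>();
        map.put("code", "1");
        if (errMsg.length == 2) {
            // NOTE(review): the exception text is returned to the caller verbatim. Any
            // AuthenticationException whose message happens to split into exactly two parts is
            // echoed, not only those raised by the project's own provider. Keep such messages
            // free of internal detail and avoid wording that tells an unauthenticated caller
            // whether the account exists.
            map.put("status", errMsg[0]);
            map.put("message", errMsg[1]);
        } else {
            // Anything that does not follow the status:message form gets the generic body.
            map.put("status", "1");
            map.put("message", " 错误-未授权");
        }
        writer.println(OBJECT_MAPPER.writeValueAsString(map));
    }

    /**
     * Delegates to the parent's initialization check.
     *
     * <p>NOTE(review): the parent class is expected to require a realm name at this point, and
     * nothing in this class sets one. Confirm that {@code setRealmName(...)} is called
     * elsewhere before initialization, otherwise the bean may fail to start.
     *
     * @throws Exception if the parent's validation fails
     */
    @Override
    public void afterPropertiesSet() throws Exception {
        super.afterPropertiesSet();
    }
}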
2.完