Spring Security 过滤器异常:getWriter() has already been called for this response

已于 2022-06-29 09:44:45 修改
阅读量760 收藏
点赞数
分类专栏: spring cloud java 文章标签: spring java
于 2022-06-29 09:35:08 首次发布
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/shenlf_bk/article/details/125514107
版权

 java.lang.IllegalStateException: getWriter() has already been called for this response

异常:

09:26:47.102 ERROR c.b.b.config.DefaultExceptionHandler  path:/user-base/user/verifyIdentity, queryParam:null, errorMessage:getWriter() has already been called for this response
java.lang.IllegalStateException: getWriter() has already been called for this response
	at org.apache.catalina.connector.Response.getOutputStream(Response.java:550)
	at org.apache.catalina.connector.ResponseFacade.getOutputStream(ResponseFacade.java:210)
	at javax.servlet.ServletResponseWrapper.getOutputStream(ServletResponseWrapper.java:105)
	at javax.servlet.ServletResponseWrapper.getOutputStream(ServletResponseWrapper.java:105)
	at org.springframework.security.web.util.OnCommittedResponseWrapper.getOutputStream(OnCommittedResponseWrapper.java:145)
	at org.springframework.http.server.ServletServerHttpResponse.getBody(ServletServerHttpResponse.java:84)
	at org.springframework.http.converter.json.AbstractJackson2HttpMessageConverter.writeInternal(AbstractJackson2HttpMessageConverter.java:313)
	at org.springframework.http.converter.AbstractGenericHttpMessageConverter.write(AbstractGenericHttpMessageConverter.java:104)
	at org.springframework.web.servlet.mvc.method.annotation.AbstractMessageConverterMethodProcessor.writeWithMessageConverters(AbstractMessageConverterMethodProcessor.java:277)
	at org.springframework.web.servlet.mvc.method.annotation.RequestResponseBodyMethodProcessor.handleReturnValue(RequestResponseBodyMethodProcessor.java:181)
	at org.springframework.web.method.support.HandlerMethodReturnValueHandlerComposite.handleReturnValue(HandlerMethodReturnValueHandlerComposite.java:82)
	at org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:123)
	at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.invokeHandlerMethod(RequestMappingHandlerAdapter.java:878)
	at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.handleInternal(RequestMappingHandlerAdapter.java:792)
	at org.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter.handle(AbstractHandlerMethodAdapter.java:87)
	at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:1040)
	at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:943)
	at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:1006)
	at org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:898)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:626)
	at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:883)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:733)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:227)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)
	at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:53)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:320)
	at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:126)
	at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:90)
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
	at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:118)
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
	at org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:137)
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
	at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:111)
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
	at org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:158)
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
	at org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:63)
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
	at com.biaopu.core.interceptor.TokenVerifyFilter.doFilterInternal(TokenVerifyFilter.java:86)
	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
	at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:200)
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
	at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:116)
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
	at org.springframework.security.web.header.HeaderWriterFilter.doHeadersAfter(HeaderWriterFilter.java:92)
	at org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:77)
	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
	at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:105)
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
	at org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:56)
	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
	at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:215)
	at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:178)
	at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:358)
	at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:271)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)
	at org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:100)
	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)
	at org.springframework.web.filter.FormContentFilter.doFilterInternal(FormContentFilter.java:93)
	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)

报错位置:chain.doFilter(request, response);

package com.biaopu.core.interceptor;

import com.auth0.jwt.JWT;
import com.auth0.jwt.JWTVerifier;
import com.auth0.jwt.algorithms.Algorithm;
import com.auth0.jwt.interfaces.DecodedJWT;
import com.biaopu.core.handler.TokenHandleUtil;
import com.biaopu.core.mapper.SysUserMapper;
import com.biaopu.core.pojo.entity.SysUser;
import com.biaopu.core.utils.UserUtils;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.oauth2.common.DefaultOAuth2AccessToken;
import org.springframework.security.oauth2.common.OAuth2AccessToken;
import org.springframework.security.oauth2.provider.token.TokenStore;
import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;
import org.springframework.stereotype.Component;

import javax.annotation.PostConstruct;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.PrintWriter;
import java.util.HashMap;
import java.util.Map;

/**
 * 校验Token是否合法的Filter
 */
@Slf4j
public class TokenVerifyFilter  extends BasicAuthenticationFilter {
    @Autowired
    private TokenStore tokenStore;
    @Autowired
    private SysUserMapper sysUserMapper;
    private static TokenVerifyFilter tokenVerifyFilter;

    public TokenVerifyFilter(AuthenticationManager authenticationManager) {
        super(authenticationManager);
    }
    @PostConstruct
    private void init () {
        tokenVerifyFilter = this;
    }

    @Override
    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain) throws IOException, ServletException {
        String header = request.getHeader("Authorization");
        PrintWriter out = response.getWriter();//报错原因  与controller中返回值冲突
        Map resultMap = new HashMap();
        if (header == null || !header.startsWith("Bearer")) {
            //如果携带错误的token,则给用户提示请登录!
            chain.doFilter(request, response);
            response.setContentType("application/json;charset=utf-8");
            response.setStatus(HttpServletResponse.SC_FORBIDDEN);
            resultMap.put("code", HttpServletResponse.SC_FORBIDDEN);
            resultMap.put("msg", "携带错误的token!");

        } else {
            //如果携带了正确格式的token要先得到token
//            String token = header.replace("Bearer", "");
            String str [] =header.split(" ");
            String token = str[1];
            log.info("send {} to {}",request.getMethod(),request.getRequestURL().toString());

            if(null == token){
                log.error("token is null ...");
                resultMap.put("code", HttpServletResponse.SC_FORBIDDEN);
                resultMap.put("msg", "携带的token is null ...");
            }else{
                //校验是否存在redis中
                TokenHandleUtil tokenHandleUtil = new TokenHandleUtil();
                Long userId = UserUtils.getUserId(request);
                Boolean flag  = tokenHandleUtil.verifyToken(token,userId);
                if (flag) {
                    //校验redis中token是否有效
                    log.info("access token is ok!!!");
                    UsernamePasswordAuthenticationToken authResult =
                            new UsernamePasswordAuthenticationToken(userId, null, null);
                    SecurityContextHolder.getContext().setAuthentication(authResult);
                    
                    chain.doFilter(request, response);//这里报错
                }
            }
        }
        out.write(resultMap.toString());
        out.flush();
        out.close();
    }


}

原因:

controller中设置了返回方法,过滤器中又调用了PrintWriter ,冲突报错

PrintWriter out = response.getWriter();

 解决方式:

去掉PrintWriter,或者将PrintWriter移动到if内

if (header == null || !header.startsWith("Bearer")) {

    //如果携带错误的token,则给用户提示请登录!
    response.setContentType("application/json;charset=utf-8");
    response.setStatus(HttpServletResponse.SC_FORBIDDEN);
    resultMap.put("code", HttpServletResponse.SC_FORBIDDEN);
    resultMap.put("msg", "携带错误的token!");
    PrintWriter out = response.getWriter();
    out.write(resultMap.toString());
    out.flush();
    out.close();

} else {
亦碎流年
关注
  • 0
    点赞
  • 0
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
专栏目录
权限验证报错:getWriter() has already been called for this response
牧牛人Alec
09-07 489
报错:getWriter() has already been called for this response 这个问题困扰了我好几天,开始以为是代码错了,后来才知道是配置错了。 我不太懂Spring Security,但关于这个项目遇见的问题,需要几点注意的地方: ①由于Spring Security配置引起的错误 ②需要开启redis ③路径要正确 -1 -2 -3...
解决filter中的getWriter() has already been called for this response异常
haoqingt1的博客
01-08 1484
近期,使用filter拦截请求的方式,实现对登录状态的验证。不是登录状态的话,返回一个固定的json提示。功能实现后,每次拦截到非登录请求,都会报IllegalStateException: getWriter() has already been called for this response异常提示。 代码如下,在writer = response.getWriter(); 一行报了这个错误。 private void returnJson(HttpServletResponse response
Zuul Filter过滤器返回信息提示getWriter() has already been called for this response
TianXinCoord的博客
11-26 1913
文章目录一、问题说明二、问题原因三、问题解决 一、问题说明 在使用zuul filter过滤器检验token是有效,当无效时返回错误提示测试时出现错误 访问服务时一直提示下面的错误 java.lang.IllegalStateException: getWriter() has already been called for this response 二、问题原因 根据提示是getWriter()方法已经被调用过了,所以猜测是返回数据时当前的response已经响应了,但是需要返回的数据还在缓
getWriter() has already been called for this response
一个程序员的专栏
12-19 5106
我遇到的情况和网上其余网友的原因不太一样。搜索到的解决方法不能解决我的这个问题。(虽然这个报错不影响我的功能) 问题解决也是参考网友的回复,提醒我了,才解决了这个问题。 报错原因: 我在Controller里面的方法返回JSON数据的时候,使用的是自己封装的一个方法,最后调用的是PrintWriter.write("返回内容");方法。方法是返回的是void,简单的贴一下代码(代码不全,仅...
使用拦截器(interceptor)报错:getWriter() has already been called for this response
f_yuqing的博客
07-17 566
发送请求:http://localhost:8080/**/api/****?报错:根据报错信息:我们可以看到Response.java:550位置处报错。 我们可以看到usingWriter=true,是导致异常的原因。那么接下来我们只要知道哪一步将usingWriter=true就可以了。 我么再在拦截器中使用了getWriter(),方法,方便我们返回我们的自定义错误信息。源码getWriter()源码如下:看了上面我们可以知道,源码1中使我们的http请求默认使用的,源码2 是我们用来返回自定义异
getOutputStream() has already been called for this response 错误解决
08-03
Java Web开发中,"getOutputStream() has already been called for this response" 是一个常见的错误,通常出现在使用Servlet或JSP时。这个错误意味着在HTTP响应中,`getOutputStream()`已经被调用,然后尝试再次...
SpringSecurity如何实现配置单个HttpSecurity
08-18
PrintWriter pw = response.getWriter(); Map, Object> map = new HashMap, Object>(); map.put("status", 200); map.put("message", "登录成功"); pw.write(JSONObject.toJSONString(map)); pw.flush(); pw....
SpringSecurity自定义成功失败处理器的示例代码
09-07
Spring Security框架中,自定义成功失败处理器是用于定制用户登录认证后的响应行为。默认情况下,Spring Security提供了标准的处理程序来处理用户的登录成功或失败情况,但有时我们需要根据业务需求进行个性化设置...
SpringSecurity登录使用JSON格式数据的方法
10-17
Spring Security框架中,通常默认的登录方式是通过表单提交键值对数据。然而,在现代Web应用中,很多API接口倾向于使用JSON格式的数据进行通信。本篇文章将深入探讨如何在Spring Security中实现使用JSON格式数据...
response.getWriter().write()向前台打印信息乱码问题解决
10-25
本节主要介绍了response.getWriter().write()向前台打印信息乱码问题解决方法,需要的朋友可以参考下
java.lang.IllegalStateException: getOutputStream() has already解决办法
09-17
纠结了半天的 java.lang.IllegalStateException: getOutputStream() has already。这个问题困扰了半天,在网上查阅了大量资料 出这个错误一般就是下面2个.....
filter中流未关闭引发的问题getWriter() has already been called for this response
Dream it Possible
06-30 2348
【引言】 在上一篇博客中,写了Spring MVC和Spring Boot框架中如何实现自定义filter,文章结尾提到了filter中遇到的问题,如下: IllegalStateException: getWriter() has already been called for this response ...
Springboot 拦截器 异常:IllegalStateException: getWriter() has already been called for this response
qq_34328582的博客
03-27 2716
开发业务的时候,使用到了Springboot1.5.9 ,实现一个拦截功能,做验证使用,实现接口 Spring 提供的HandlerInterceptor,验证要求返回值。所以用了Respone的response.getWriter() 使用PrintWriter来打印响应的错误日志。调用过程就会报IllegalStateException: getWriter() has already bee...
response使用不正确导致报错: getWriter() has already been called for this response
u014427811的博客
08-09 3555
报错场景:在有2个filter+1个interceptor的应用中,在interceptor中使用了response.getWriter()方法,在一个filter中使用response.getOutputStream()。现在我们知道了报错的原因是:在interceptor中使用了response.getWriter()方法,在一个filter中使用response.getOutputStream(),两者操作的都是同一个response对象,那么interceptor和filter的执行顺序是如何的。
SpringBoot 调用错:getWriter() has already been called for this response
最新发布
张紫娃的博客
01-13 2120
这个错误通常表明您尝试从Spring MVC返回一个已使用的对象。原因:这可能是由于直接调用的或方法,或者由于在控制器方法中抛出异常而自动调用的write()方法。修改建议:您可以确保在控制器方法中没有调用任何的方法,并且不要在控制器方法中抛出异常。规避建议:如果需要向客户端返回响应,请使用返回相应的对象,例如String或。此外,您还可以使用和注解来处理异常情况,并生成适当的响应。
Spring Boot 错误:getWriter() has already been called for this response
普通人一枚
04-15 317
String xml = "<xml><return_code><![CDATA[SUCCESS]]></return_code><return_msg><![CDATA[OK]]></return_msg></xml>"; log.info("===微信回调业务处理完成,告诉微信" + xml); response.reset();//(清空缓冲区)(1.设置此处刷新) response.setCharact.
问题记录】getWriter() has already been called for this response
java_oss的博客
09-07 1470
最近做公司的管理系统,发现登录的session过期以后,刷新页面,很多接口页面会报500错误,getWriter() has already been called for this response 起初没有在意,以往是页面中断了请求,导致的错误,后面发现调用接口,大面积(seesion过期后)会报错,并不影响会跳登录页面,但是这个500的弹框,很不友好,也很不爽; 决心查看一番: 查看后台日志详细错误信息如下: in context with path [/owner] threw ex.
zuul 拦截器 getWriter() has already been called for this response
MouseLikeCat的博客
09-04 1171
不废话直接上代码。 第一个拦截器: @Component public class BaseDataFilter extends ZuulFilter { @Override public String filterType() { //注意这里哦 return FilterConstants.PRE_TYPE; } @Ove...
权限管理使用swagger测试查询全部菜单报错java.lang.IllegalStateException: getWriter() has already been called for this
ccccchoker的博客
05-15 452
权限管理使用swagger测试查询全部菜单报错java.lang.IllegalStateException: getWriter() has already been called for this responsespringsecurity里面的配置先改为这个,之后再重新改 /** * 配置哪些请求不拦截 * @param web * @throws Exception */ @Override public void configure(
过滤器 getWriter() has already been called for this response
09-01
当调用response的getWriter()方法时,表示已经在该响应对象上调用了一次getWriter()方法。再次调用该方法会导致报错"getWriter() has already been called for this response"。这种情况通常发生在过滤器中。根据提供的引用内容,可以看出在filter中的第一次调用了getWriter()方法,然后继续执行controller层的方法后,又一次调用了getWriter()方法,导致报错。 针对这个问题,网上的解决办法通常是在调用完getWriter()方法后,手动调用writer.flush()方法来结束调用。但是根据提供的引用内容来看,尝试了这个解决办法之后并没有有效果。 我们可以看到,在提供的代码中,在调用getWriter()方法之前没有判断是否已经调用过getWriter()方法。为了解决这个问题,可以在调用getWriter()方法之前添加判断,如果已经调用过getWriter()方法,则不再调用。可以通过设置一个标志位来记录是否已经调用过getWriter()方法。例如,在filter中定义一个布尔类型的变量hasGetWriter,初始值为false,第一次调用getWriter()方法时将其设置为true,后续再次调用getWriter()方法时先判断hasGetWriter的值,如果为true则不再调用getWriter()方法,避免重复调用导致报错。 总结来说,当过滤器中的response对象重复调用getWriter()方法时,会报错"getWriter() has already been called for this response"。可以通过添加判断来避免重复调用getWriter()方法,解决这个问题。<span class="em">1</span><span class="em">2</span><span class="em">3</span> #### 引用[.reference_title] - *1* *2* *3* [解决filter中的getWriter() has already been called for this response异常](https://blog.csdn.net/haoqingt1/article/details/112350623)[target="_blank" data-report-click={"spm":"1018.2226.3001.9630","extra":{"utm_source":"vip_chatgpt_common_search_pc_result","utm_medium":"distribute.pc_search_result.none-task-cask-2~all~insert_cask~default-1-null.142^v93^chatsearchT3_2"}}] [.reference_item style="max-width: 100%"] [ .reference_list ]

“相关推荐”对你有帮助么?

  • 非常没帮助
  • 没帮助
  • 一般
  • 有帮助
  • 非常有帮助
提交
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值