shiro ajax权限拦截器,springboot+shiro+ajax 角色的权限不足时 返回 No message available

demo使用springboot+shiro做权限管理，使用ajax操作json做数据交换。在ShiroConfig中在资源上增加角色的配置

@Configuration

public class ShiroConfig {

@Bean

public CustomRealm getCustomRealm() {

return new CustomRealm();

}

@Bean

public DefaultWebSecurityManager getSecurityManager() {

DefaultWebSecurityManager sm = new DefaultWebSecurityManager();

sm.setRealm(getCustomRealm());

return sm;

}

@Bean

public ShiroFilterFactoryBean getShiroFilterFactoryBean(

DefaultWebSecurityManager securityManager) {

ShiroFilterFactoryBean shirofilterfactorybean = new ShiroFilterFactoryBean();

shirofilterfactorybean.setSecurityManager(securityManager);

shirofilterfactorybean.setLoginUrl("/index.html");

shirofilterfactorybean.setSuccessUrl("/home");

// shirofilterfactorybean.setUnauthorizedUrl("/error");

// 配置数据库中的resource

Map filterChainDefinitionMap = new LinkedHashMap<>();

filterChainDefinitionMap.put("/emp/**", "authc,roles[test]");

filterChainDefinitionMap.put("/home", "authc");

filterChainDefinitionMap.put("/logout", "logout");

shirofilterfactorybean.setFilterChainDefinitionMap(filterChainDefinitionMap);

// 覆盖默认shiro拦截器

Map filters = new LinkedHashMap<>();

filters.put("authc", new SessionFilter());

shirofilterfactorybean.setFilters(filters);

return shirofilterfactorybean;

}

}

用户：admin，对应的角色名：admin。使用用户 admin 登录后，ajax的error方法得到的内容为：

Whitelabel Error Page

=====================

This application has no explicit mapping for /error, so you are seeing this as a fallback.

Mon May 25 16:50:38 CST 2020

There was an unexpected error (type=Unauthorized, status=401).

No message available

其实设置过全局的异常处理，但是debug的时候发现并没有走这段代码：

@ExceptionHandler({UnknownAccountException.class})

@ResponseBody

public ResultBean unknownAccountHandler(HttpServletRequest request, Exception exception) throws Exception {

return ResultBean.error(500 , "请检查账号或密码");

}

@ExceptionHandler({LockedAccountException.class})

@ResponseBody

public ResultBean lockedAccountExceptionHandler(HttpServletRequest request, Exception exception) throws Exception {

return ResultBean.error(500 , "账号被锁定，请联系管理员");

}

@ExceptionHandler({UnauthorizedException.class , AuthorizationException.class , ShiroException.class})

@ResponseBody

public ResultBean unauthorizedHandler(HttpServletRequest request, Exception exception) throws Exception {

return ResultBean.error(500 , "您的权限不足");

}

@ExceptionHandler({UnauthenticatedException.class})

@ResponseBody

public ResultBean unauthenticatedHandler(HttpServletRequest request, Exception exception) throws Exception {

return ResultBean.error(500 , "未授权");

}

页面的ajax代码：

$.ajax({

type: "GET",

url: "./emp/search",

data: param,

dataType: "json",

contentType: "application/json;charset=utf-8",

success: function (result) {

layui.use(['laypage', 'layer'], function() {

let laypage = layui.laypage

let data = result.data

//总页数大于页码总数

laypage.render({

elem: 'demo1' ,

pages: data.pages, //通过后台拿到的总页数

count: data.total, //数据总数

curr: data.pageNum, //初始化当前页

limit: data.pageSize,

jump: function (obj , first) {

if( !first) {

getData( obj.curr )

}

}

})

displayDataList( data.list )

} )

}, error: function (xhr) {

let obj = JSON.parse(xhr.responseText)

layer.msg( obj.message )

}

请大家指教，应该如何处理