У меня проблема с моей UserDetailsService. Моя настраиваемая обработка исключений не работает, и вместо моего настраиваемого сообщения JSON я получил ошибку tomcat html.
[введите описание изображения здесь] [1] Я пробую и @RestControllerAdvice, а также @ ControllerAdvice
public class CoreExceptionHandler {
@ResponseStatus(HttpStatus.FORBIDDEN)
@ExceptionHandler(UserWasDeletedException.class)
public ApiResponse handle(UserWasDeletedException e) {
return new ApiResponse(e.getStatus(), e.getMessage(), e.getTimestamp());
}
...
}
Мое собственное исключение
public class UserWasDeletedException extends ApiException {
public UserWasDeletedException(String message) {
super(message);
}
}
Конфигурация моей безопасности
@Configuration
@EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true, jsr250Enabled = true)
public class AppSecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
private JwtTokenProvider provider;
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.cors().disable()
.csrf().disable()
.authorizeRequests()
.anyRequest().authenticated()
.and()
.addFilterBefore(new JwtTokenFilter(provider), UsernamePasswordAuthenticationFilter.class)
.addFilterBefore(new CorsFilter(),JwtTokenFilter.class)
.anonymous().disable()
.exceptionHandling()
.authenticationEntryPoint(new HttpStatusEntryPoint(HttpStatus.UNAUTHORIZED));
}
}
Моя служба информации о пользователях.
public class JwtUserDetailsService implements UserDetailsService {
@Autowired
private UserService userService;
@Override
public UserDetails loadUserByUsername(String userName) throws UserWasDeletedException {
UserEntity user = userService.findUserByEmail(userName);
JwtUser jwtUser = JwtUserFactory.create(user);
if (user.getStatus().equals(UserStatusEnum.DELETED)) {
throw new UserWasDeletedException(userName);
}
return jwtUser;
}
}
Я также пытаюсь изменить метод loadUserByUsername на.
@Override
public UserDetails loadUserByUsername(String userName) throws UserNotFoundException {
UserEntity user = userService.findUserByEmail(userName);
JwtUser jwtUser = JwtUserFactory.create(user);
if (user.getStatus().equals(UserStatusEnum.DELETED)) {
throw new UserNotFoundException(userName);
}
return jwtUser;
}
```
My investigated bring me next conclusion, the last point where we throw our custom exception is
publi c class JwtTokenFilter extends GenericFilterBean {
private final JwtTokenProvider jwtTokenProvider;
public JwtTokenFilter(JwtTokenProvider jwtTokenProvider) {
this.jwtTokenProvider = jwtTokenProvider;
}
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain)
throws IOException, ServletException {
String token = jwtTokenProvider.resolveToken((HttpServletRequest) servletRequest);
if (token != null && jwtTokenProvider.validateToken(token)) {
Authentication authentication = jwtTokenProvider.getAuthentication(token);
if (authentication != null)
SecurityContextHolder.getContext().setAuthentication(authentication);
}
filterChain.doFilter(servletRequest, servletResponse);
}
}
and I think it's something wrong with ServletException. Maybe you can tell me how Tomcat can handle exceptions. Thanks!
[1]: https://i.stack.imgur.com/aUZBc.png