java – Spring Security BadCredentialsException如何映射到HTTP 401代码

当我抛出一个org.springframework.security.authentication.BadCredentialsException异常时,在客户端它将显示如下401,

{
  "timestamp": "2016-03-29T09:07:50.866+0000",
  "status": 401,
  "error": "Unauthorized",
  "message": "Some message",
  "path": "/test/service1/getAll"
}

我想知道BadCredentialsException在哪里以及如何映射到HTTP 401状态代码？

解决方法:

它是ExceptionTranslationFilter,它处理安全拦截器抛出的异常,并提供合适的HTTP响应：

The ExceptionTranslationFilter sits above the
FilterSecurityInterceptor in the security filter stack. It doesn’t do
any actual security enforcement itself, but handles exceptions thrown
by the security interceptors and provides suitable and HTTP responses.

有关更多信息,请参阅Spring Security文档here和here.

标签：java,spring,spring-boot,spring-security,http-status-codes
来源： https://codeday.me/bug/20190829/1759253.html