有没有一种方法可以自定义处理程序来处理Spring Security过滤器中的异常和自定义异常?我需要发送一个包含错误信息的格式化响应到前端。
@Component
@Order(Ordered.HIGHEST_PRECEDENCE)
public class GlobalExceptionFilter extends OncePerRequestFilter {
private final ObjectMapper mapper = new ObjectMapper();
@Override
protected void doFilterInternal(HttpServletRequest request,
HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
try {
filterChain.doFilter(request, response);
} catch (Exception ex) {
mapper.writeValue(response.getWriter(), new ErrorInfo("something bad happened"));
response.setContentType(MediaType.APPLICATION_JSON);
response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
response.getWriter().close();
response.getWriter().flush();
}
}
发送到前端的错误信息将包含在 ErrorInfo 类中:
public class ErrorInfo {
// some custom fields as you wish
public ErrorInfo(String error) {
...
}
}
security.filter-order=0
当过滤器链中的某个地方发生异常时,该异常将被全局异常过滤器捕获,然后创建一个包含错误信息的ErrorInfo对象,并使用Jackson ObjectMapper进行序列化。最后,使用给定的HTTP状态将响应发送到客户端。