1. 首页
  2. 问答
  3. Spring引导拦截器返回JSON

Spring引导拦截器返回JSON

2016-01-13 149 views
0

我有一个REST Webservice的spring引导应用程序。Spring引导拦截器返回JSON

我想添加一个拦截器,以便每个没有特定操作权限的角色返回401错误代码。

@Override 
public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o) throws Exception { 

    logger.info("Request URL::" + httpServletRequest.getRequestURL().toString() 
      + ":: Start Time=" + System.currentTimeMillis()); 

    UsernamePasswordAuthenticationToken token = (UsernamePasswordAuthenticationToken) httpServletRequest.getUserPrincipal(); 
    String roleStr = token.getAuthorities().iterator().next().getAuthority(); 
    String action = httpServletRequest.getServletPath(); 


    Role role = roleRepository.findOne(Long.parseLong(roleStr)); 

    if (role.getActions().contains(action)) { 
     return true; 
    } 

    httpServletResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED); 
    return false; 
}

的问题是,响应总是返回HTML,如何做出反应回报JSON像@RestController注释的控制器?

感谢

来源

2016-01-13 Dany Y

+0

您正在使用Spring Security的,那么为什么在地球上玉需要这个? Spring Security已经为你做了这个... –

+0

我想动态地修改动作,并且这些动作可能不仅与他们可以在函数内部调节的url有关,这是否可以在spring security中执行? –

+0

您是否阅读过文档?您可以使用基于URL和/或方法的安全性,它们对于表达式和全部也可能非常复杂。 –

回答

1 
package com.sha.home; 



import javax.servlet.http.HttpServletRequest; 
import javax.servlet.http.HttpServletResponse; 

import org.apache.log4j.Logger; 
import org.springframework.web.servlet.ModelAndView; 
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter; 

import com.fasterxml.jackson.databind.ObjectMapper; 
import com.sha.model.Message; 

public class ExecuteTimeInterceptor extends HandlerInterceptorAdapter{ 

    private static final Logger logger = Logger.getLogger(ExecuteTimeInterceptor.class); 

    //before the actual handler will be executed 
    public boolean preHandle(HttpServletRequest request, 
     HttpServletResponse response, Object handler) 
     throws Exception { 

     long startTime = System.currentTimeMillis(); 
     request.setAttribute("startTime", startTime); 
    System.out.println("start time"+startTime); 

    ObjectMapper mapper = new ObjectMapper(); 
    Message msg = new Message("invalid","userinvalid");// customised pojo for error json message 
    response.setContentType("application/json"); 
    response.setStatus(HttpServletResponse.SC_UNAUTHORIZED); 
    response.getWriter().write(mapper.writeValueAsString(msg)); 

    return false; 


    } 

    //after the handler is executed 
    public void postHandle(
     HttpServletRequest request, HttpServletResponse response, 
     Object handler, ModelAndView modelAndView) 
     throws Exception { 

     long startTime = (Long)request.getAttribute("startTime"); 

     long endTime = System.currentTimeMillis(); 

     long executeTime = endTime - startTime; 

     //modified the exisitng modelAndView 


     //log it 
     if(logger.isDebugEnabled()){ 
      logger.debug("[" + handler + "] executeTime : " + executeTime + "ms"); 
     } 
    } 
} 

    enter code here

来源

2017-04-02 17:29:12 sharath

+0

请添加为何此代码回答此问题。没有任何解释,这个大小的代码块并不是有效的答案。 – trincot

相关问题

 相关问题