Spring Boot控制器问题[重复]

【问题标题】:Spring boot controller issue [duplicate]Spring Boot控制器问题[重复]
【发布时间】:2018-02-18 06:55:14
【问题描述】:

我正在使用过滤器检查用户是否已连接(令牌有效),如果令牌无效,我设置了一个名为“error”的属性,其中包含错误的详细信息,这是我的控制器

@RestController
public class HomeController {


@RequestMapping(value = "secure/info", method = RequestMethod.POST)

public Object login(@RequestBody User user,@RequestAttribute(name="error") AppError error)  {

    if(error!=null) return error ;
    return "information";

}

这是我的过滤器:

        @Override
        public void doFilter(final ServletRequest req, final ServletResponse res, final FilterChain chain)
                throws IOException, ServletException {

            final HttpServletRequest request = (HttpServletRequest) req;
            final HttpServletResponse response = (HttpServletResponse) res;
            final String authHeader = request.getHeader("authorization");

            if ("OPTIONS".equals(request.getMethod())) {
                response.setStatus(HttpServletResponse.SC_OK);

                chain.doFilter(request, response);
            } else {

                if (authHeader == null || !authHeader.startsWith("Bearer ")) {
                    AppError error = new AppError("0001","Invalid bearer token.");
                    request.setAttribute("error", error);
                    chain.doFilter(request, response);
                }

                final String token = authHeader.substring(7);

                try {
                    final Claims claims = Jwts.parser().setSigningKey("secretkey").parseClaimsJws(token).getBody();
                    request.setAttribute("claims", claims);
                } catch (final SignatureException e) {
                    AppError error = new AppError("0002","Invalid token signature.");
                    request.setAttribute("error", error);
                    chain.doFilter(request, response);
                }
                 catch (final ExpiredJwtException e) {
                     AppError error = new AppError("0003","Expired token.");
                     request.setAttribute("error", error);
                     chain.doFilter(request, response);

                 }

                 catch (final MalformedJwtException e) {
                     AppError error = new AppError("0004","Malformed token.");
                     request.setAttribute("error", error);
                     chain.doFilter(request, response);
                     //return ;
                 }



                chain.doFilter(req, res);
            }
        }

这是我得到的例外:

java.lang.IllegalStateException:无法调用 sendError() 在 已提交响应 在 org.apache.catalina.connector.ResponseFacade.sendError(ResponseFacade.java:472) ~[tomcat-embed-core-8.5.16.jar:8.5.16] 在 org.springframework.web.servlet.mvc.support.DefaultHandlerExceptionResolver.handleHttpMessageNotReadable(DefaultHandlerExceptionResolver.java:386) ~[spring-webmvc-4.3.10.RELEASE.jar:4.3.10.RELEASE] 在 ... …… 在 com.inconso.LoginFilter.doFilter(LoginFilter.java:67) [classes/:na]

【问题讨论】:

    标签: spring servlets spring-boot servlet-filters


    【解决方案1】:

    在条件为真的else 块中:authHeader == null || !authHeader.startsWith("Bearer ") 您正在调用chain.doFilter() 两次。

    曾在此区块中:

    if (authHeader == null || !authHeader.startsWith("Bearer ")) {
    AppError error = new AppError("0001","Invalid bearer token.");
    request.setAttribute("error", error);
    chain.doFilter(request, response);
}

    第二次在else 块的末尾:

    else {

    ...

    chain.doFilter(req, res);
}

    一次就足够了,所以要么从 else 块的底部删除最后一个 chain.doFilter(request, response),要么从该块其他地方的 if 和 catch 子句中删除 chain.doFilter(request, response)

    【讨论】:

      【解决方案2】:

      在第一个 chain.doFilter(request, response); 之后添加退货声明 -- 提前退货方法

                      if (authHeader == null || !authHeader.startsWith("Bearer ")) {
                    AppError error = new AppError("0001","Invalid bearer token.");
                    request.setAttribute("error", error);
                    chain.doFilter(request, response);

                    // ADD a RETURN STATEMENT HERE
                }

      OR(IF-ELSE 阶梯法)

      // START: MOVE THIS inside AN ELSE Block

                final String token = authHeader.substring(7);

                try {
                    final Claims claims = Jwts.parser().setSigningKey("secretkey").parseClaimsJws(token).getBody();
                    request.setAttribute("claims", claims);
                } catch (final SignatureException e) {
                    AppError error = new AppError("0002","Invalid token signature.");
                    request.setAttribute("error", error);
                    chain.doFilter(request, response);
                }
                 catch (final ExpiredJwtException e) {
                     AppError error = new AppError("0003","Expired token.");
                     request.setAttribute("error", error);
                     chain.doFilter(request, response);

                 }

                 catch (final MalformedJwtException e) {
                     AppError error = new AppError("0004","Malformed token.");
                     request.setAttribute("error", error);
                     chain.doFilter(request, response);
                     //return ;
                 }
// END: MOVE THIS inside AN ELSE Block

      【讨论】:

        猜你喜欢
        • 2015-11-28
        • 1970-01-01
        • 1970-01-01
        • 2011-06-09
        • 2021-03-23
        • 2016-09-17
        • 1970-01-01
        • 1970-01-01
        • 1970-01-01
        相关资源
        最近更新 更多
        热门标签
        Java Python linux javascript Mysql C# Docker 算法 前端 SpringBoot Redis Vue spring 设计模式 .net core .net kubernetes c++ 数据库 数据结构 大数据 js 机器学习 微服务 Android Go 程序员 面试 JVM ASP.net core 云原生 人工智能 后端 PHP git CSS golang k8s Nginx Django mybatis 深度学习 多线程 React 架构 devops 爬虫 云计算 Spring Boot LeetCode