我正在尝试在 Spring Boot 2 中的 WebSecurityConfig 配置方法中实现自定义 AuthenticationEntryPoint。
我见过很多这样的例子:
@Component
public class Http401UnauthorizedEntryPoint implements AuthenticationEntryPoint {
private final Logger log = LoggerFactory.getLogger(Http401UnauthorizedEntryPoint.class);
/**
* Always returns a 401 error code to the client.
*/
@Override
public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException arg2) throws IOException,
ServletException {
log.debug("Pre-authenticated entry point called. Rejecting access");
response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Access Denied");
}
}
但我总是得到 403 而不是 401。
我怎样才能在 Spring boot 2 中做到这一点?
security ×1