LOGGER.error(msg); } catch (UnauthorizedException e) { msg = "您没有得到相应的授权!" + e.getMessage(); model.addAttribute("message", new ResultCode("1", msg)); LOGGER.error(msg);
/**
 * Converts an {@link UnauthorizedException} into an HTTP 403 (Forbidden) response.
 *
 * <p>The response is labelled as plain text and its entity is the exception's message.
 * NOTE(review): the message reaches the client unchanged; confirm it never carries
 * internal detail (permission strings, resource identifiers) the caller should not see.
 *
 * @param exception the authorization failure to convert
 * @param id not read by this implementation
 * @return a 403 response whose entity is {@code exception.getMessage()}
 */
@Override
protected Response convert(UnauthorizedException exception, String id) {
    Response.ResponseBuilder forbidden = Response.status(Status.FORBIDDEN);
    forbidden = forbidden.header(HttpHeaders.CONTENT_TYPE, MediaType.TEXT_PLAIN_TYPE);
    forbidden = forbidden.entity(exception.getMessage());
    return forbidden.build();
}
} // closes the enclosing class, whose header is outside this excerpt
/**
 * Handles {@link UnauthorizedException}: logs it together with its stack trace and returns
 * a fixed "no such permission, please contact the administrator" message via {@code error(...)}.
 *
 * <p>NOTE(review): the handler answers with HTTP 200, so the denial is visible only in the
 * response body. Clients, proxies and monitoring that key on status codes will not register
 * an authorization failure; confirm this is intended.
 *
 * @param e the authorization failure raised while handling the request
 * @return the value {@code error(...)} produces for the fixed denial text
 */
@ExceptionHandler({ UnauthorizedException.class })
@ResponseStatus(HttpStatus.OK)
public String processException(UnauthorizedException e) {
    // The client receives only this fixed text; the exception detail stays in the log.
    final String denialText = "没此权限,请联系管理员";
    logger.error(e.getMessage(), e);
    return error(denialText);
}
/**
 * Maps an {@link UnauthorizedException} to an HTTP response.
 *
 * <p>When the current subject is not authenticated the status is 401 and a Basic
 * {@code WWW-Authenticate} challenge naming {@code appName} as the realm is added;
 * otherwise the status is 403. A non-null exception message becomes a
 * {@code text/plain} entity.
 *
 * <p>NOTE(review): {@code appName} is concatenated into a quoted header value without
 * escaping; confirm it cannot contain a double quote or line break. The exception message
 * is also returned to the caller as-is; confirm it exposes nothing internal.
 *
 * @param exception the authorization failure to map
 * @return the 401 or 403 response described above
 */
@Override
public Response toResponse(UnauthorizedException exception) {
    final boolean loggedIn = SecurityUtils.getSubject().isAuthenticated();

    ResponseBuilder reply;
    if (loggedIn) {
        // Identity is known, the permission is missing: plain refusal.
        reply = Response.status(Response.Status.FORBIDDEN);
    } else {
        // No identity yet: ask the client to authenticate.
        reply = Response.status(Response.Status.UNAUTHORIZED);
        final String challenge = HttpServletRequest.BASIC_AUTH + " realm=\"" + appName + "\"";
        reply.header("WWW-Authenticate", challenge);
    }

    final String detail = exception.getMessage();
    if (detail != null) {
        reply = reply.entity(detail).type("text/plain");
    }
    return reply.build();
}
/**
 * Handles Shiro's {@link UnauthorizedException} on its own.
 *
 * <p>Per the original author, the exception is raised when a permission-controlled request
 * is made by a user who lacks the required permission. The handler answers with HTTP 401
 * and a {@code ResponseBean} whose text embeds the exception message.
 *
 * <p>NOTE(review): the exception message is echoed to the client inside the response text;
 * confirm it does not disclose permission names or other internal detail.
 *
 * @param e the authorization failure
 * @return a {@code ResponseBean} carrying the 401 status value, the denial text and a null payload
 */
@ResponseStatus(HttpStatus.UNAUTHORIZED)
@ExceptionHandler(UnauthorizedException.class)
public ResponseBean handle401(UnauthorizedException e) {
    final int statusCode = HttpStatus.UNAUTHORIZED.value();
    final StringBuilder text = new StringBuilder("无权访问(Unauthorized):当前Subject没有此请求所需权限(");
    text.append(e.getMessage()).append(")");
    return new ResponseBean(statusCode, text.toString(), null);
}
/**
 * Handles the "no permission" exception ({@link UnauthorizedException}).
 *
 * <p>Per the original author, this can be customised later as requirements change. An
 * earlier variant that rendered the {@code system/unauthorized} view through a
 * {@code ModelAndView} was disabled in favour of this {@code @ResponseBody} handler.
 *
 * <p>The request URI and the exception (with stack trace) are logged at ERROR level, and
 * the response is HTTP 401 with a failure {@code Result}.
 * NOTE(review): the exception message is returned to the client in that {@code Result};
 * confirm it does not disclose permission names or other internal detail.
 *
 * @param request the current request; only its URI is read, for the log entry
 * @param e the authorization failure
 * @return {@code Result.failure} built from {@code ResultCodeEnum.UNAUTHORIZED} and the exception message
 */
@ResponseBody
@ExceptionHandler({UnauthorizedException.class})
@ResponseStatus(HttpStatus.UNAUTHORIZED)
public Result handleUnauthenticatedException(HttpServletRequest request, UnauthorizedException e) {
    final String requestedUri = request.getRequestURI();
    LOGGER.error("execute methond exception error.url is {}", requestedUri, e);

    final String reason = e.getMessage();
    return Result.failure(ResultCodeEnum.UNAUTHORIZED, reason);
}
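/**
 * Answers an {@link UnauthorizedException} with HTTP 401 and a short HTML notice that names
 * the requested URI and the exception message.
 *
 * <p>The response is declared as {@code text/html}, and both the request URI and the
 * exception message can carry caller-influenced text, so each is HTML-escaped before it is
 * written. Without that, markup in either value would be interpreted by the browser.
 *
 * @param request the current web request; cast to {@code ServletWebRequest} to read the URI
 * @param response the servlet response the notice is written to
 * @param e the authorization failure
 */
@ExceptionHandler({ UnauthorizedException.class })
@ResponseStatus(HttpStatus.UNAUTHORIZED)
public void processUnauthorizedException(NativeWebRequest request, HttpServletResponse response, UnauthorizedException e) {
    ServletWebRequest req = (ServletWebRequest) request;
    String url = req.getRequest().getRequestURI();
    try {
        String exception = e.getMessage();
        response.setHeader("Content-type", "text/html;charset=UTF-8");
        // Tells the servlet container to encode with UTF-8 instead of the default ISO-8859.
        response.setCharacterEncoding("UTF-8");
        PrintWriter writer = response.getWriter();
        // Escape before writing: the page is served as HTML.
        writer.println("You are not allow to invoke " + escapeHtmlText(url) + " method.方法");
        writer.println(escapeHtmlText(exception));
    } catch (IOException e1) {
        // Best effort: the notice could not be written. No logger is visible in this
        // excerpt, so the original stack-trace dump is kept.
        e1.printStackTrace();
    }
}

/**
 * Escapes the five HTML-significant characters so the value renders as text.
 * A null value is rendered as the string {@code "null"}, matching what
 * {@code PrintWriter.println(String)} prints for null.
 */
private static String escapeHtmlText(String value) {
    String text = String.valueOf(value);
    StringBuilder escaped = new StringBuilder(text.length() + 16);
    for (int i = 0; i < text.length(); i++) {
        char c = text.charAt(i);
        switch (c) {
            case '&':
                escaped.append("&amp;");
                break;
            case '<':
                escaped.append("&lt;");
                break;
            case '>':
                escaped.append("&gt;");
                break;
            case '"':
                escaped.append("&quot;");
                break;
            case '\'':
                escaped.append("&#39;");
                break;
            default:
                escaped.append(c);
        }
    }
    return escaped.toString();
}
} // closes the enclosing class, whose header is outside this excerpt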
// Each statement below records a denied operation at WARN level. Only the exception's
// message fills the {} placeholder; the exception itself is not passed to the logger, so
// no stack trace is written.
// NOTE(review): if the message can contain caller-supplied text, confirm the log layout
// neutralises line breaks so a single event cannot appear as several entries.
LOG.warn("Unauthorized operation attempt {}", e.getMessage());
LOG.warn("Unauthorized operation attempt {}", e.getMessage());
LOG.warn("Unauthorized operation attempt {}", e.getMessage());