经过一番搜索,我发现如果我不直接使用BasicAuthenticationEntryPoint,而是对其进行扩展并覆盖其中的两个方法,则可以设置所需的返回值,它将解决我的问题。那是该页面每次用户单击“取消”按钮时都会重新加载登录弹出窗口。
@Component
public class CustomBasicAuthenticationEntryPoint extends BasicAuthenticationEntryPoint {
@Override
public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authEx) throws IOException {
//Header response
response.addHeader("WWW-Authenticate", "Basic realm=" + getRealmName() + "");
//Error Status, that you want to return, 401, 404, ....
response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
//Message that will be showed at screen
PrintWriter writer = response.getWriter();
writer.println("HTTP Status 401 - " + authEx.getMessage());
}
@Override
public void afterPropertiesSet() {
setRealmName("NO MATTER WICH NAME");
super.afterPropertiesSet();
}
}
我在<http>内的security-context.xml中对其进行了配置,但是您可以在代码级别执行相同的操作。
<http-basic entry-point-ref="customBasicAuthenticationEntryPoint" />
本文收集自互联网,转载请注明来源。
如有侵权,请联系[email protected] 删除。
我来说两句