From be012f222ebb1f6a10c88adcfc7527042a0fe748 Mon Sep 17 00:00:00 2001 From: Art Date: Mon, 6 Sep 2021 08:05:07 +0300 Subject: [PATCH] Fixed AccessDeniedHandler and AuthEntryPoint (#2) --- .../backend/filter/JwtAccessDeniedHandler.java | 6 ++++-- .../backend/filter/JwtAuthenticationEntryPoint.java | 6 ++++-- 2 files changed, 8 insertions(+), 4 deletions(-) diff --git a/support-portal-backend/src/main/java/net/shyshkin/study/fullstack/supportportal/backend/filter/JwtAccessDeniedHandler.java b/support-portal-backend/src/main/java/net/shyshkin/study/fullstack/supportportal/backend/filter/JwtAccessDeniedHandler.java index 482b343..63c8567 100644 --- a/support-portal-backend/src/main/java/net/shyshkin/study/fullstack/supportportal/backend/filter/JwtAccessDeniedHandler.java +++ b/support-portal-backend/src/main/java/net/shyshkin/study/fullstack/supportportal/backend/filter/JwtAccessDeniedHandler.java @@ -13,6 +13,7 @@ import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.io.IOException; +import java.io.OutputStream; import static org.springframework.http.HttpStatus.UNAUTHORIZED; @@ -30,8 +31,9 @@ public class JwtAccessDeniedHandler implements AccessDeniedHandler { .message(SecurityConstants.ACCESS_DENIED_MESSAGE) .reason(UNAUTHORIZED.getReasonPhrase().toUpperCase()) .build(); - String jsonString = objectMapper.writeValueAsString(httpResponse); + response.setStatus(UNAUTHORIZED.value()); response.setContentType(MediaType.APPLICATION_JSON_VALUE); - response.sendError(UNAUTHORIZED.value(), jsonString); + OutputStream outputStream = response.getOutputStream(); + objectMapper.writeValue(outputStream, httpResponse); } } diff --git a/support-portal-backend/src/main/java/net/shyshkin/study/fullstack/supportportal/backend/filter/JwtAuthenticationEntryPoint.java b/support-portal-backend/src/main/java/net/shyshkin/study/fullstack/supportportal/backend/filter/JwtAuthenticationEntryPoint.java index 4778a8e..b798fc0 100644 --- a/support-portal-backend/src/main/java/net/shyshkin/study/fullstack/supportportal/backend/filter/JwtAuthenticationEntryPoint.java +++ b/support-portal-backend/src/main/java/net/shyshkin/study/fullstack/supportportal/backend/filter/JwtAuthenticationEntryPoint.java @@ -12,6 +12,7 @@ import org.springframework.stereotype.Component; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.io.IOException; +import java.io.OutputStream; import static org.springframework.http.HttpStatus.FORBIDDEN; @@ -30,8 +31,9 @@ public class JwtAuthenticationEntryPoint extends Http403ForbiddenEntryPoint { .message(SecurityConstants.FORBIDDEN_MESSAGE) .reason(FORBIDDEN.getReasonPhrase().toUpperCase()) .build(); - String jsonString = objectMapper.writeValueAsString(httpResponse); + response.setStatus(FORBIDDEN.value()); response.setContentType(MediaType.APPLICATION_JSON_VALUE); - response.sendError(403, jsonString); + OutputStream outputStream = response.getOutputStream(); + objectMapper.writeValue(outputStream, httpResponse); } }