在验证失败的情况下,PreAuthorize注释发送HTTP 404而不是HTTP 401

时间:2018-05-07 10:03:12

标签: spring-boot

我有一段代码用于显示登录页面,具体取决于用户是否登录

@PropertySource(value = "classpath:securityConfig.properties", ignoreResourceNotFound = true)
@Controller
public class IndexController {
    private static final String LOGIN_PAGE           = "login";
    private static final String HOME_PAGE            = "home";
    private static final String LOBBY_PAGE           = "lobby";
    private static final String FORGOT_USER_PAGE     = "forgotUserName";
    private static final String FORGOT_PASSWORD_PAGE = "forgotPassWord";

    @Value("${auth.mode:fixed}")
    private String authenticationMode;

    public String getAuthenticationMode(){
         return this.authenticationMode;
    }

    @PreAuthorize("isAnonymous() AND this.getAuthenticationMode().equals(\"fixed\")")
    @RequestMapping(method = RequestMethod.GET, value = { "/login" })
    public String getIndexPage() {
        return LOGIN_PAGE;
    }

}

如果条件不满足,则@PreAuthorize注释会抛出HTTP 401。我该如何抛出HTTP 404?我只想为这个特殊的方法抛出404.

1 个答案:

答案 0 :(得分:0)

如果您只是不定义控制器,那么您将收到404 Not Found。这可以通过在控制器上使用@ConditionalOnProperty注释来实现。

请参阅我之前的回答https://stackoverflow.com/a/50211750/134894

相关问题
最新问题