你好,我有过滤器来从JWT中获取自动化
public class JwtAuthorizationFilter extends AbstractAuthenticationProcessingFilter {
public JwtAuthorizationFilter() {
super("/**");
}
@Override
public void setAuthenticationSuccessHandler(AuthenticationSuccessHandler successHandler) {
super.setAuthenticationSuccessHandler(successHandler);
}
@Override
protected void successfulAuthentication(HttpServletRequest request, HttpServletResponse response, FilterChain chain, Authentication authResult) throws IOException, ServletException {
super.successfulAuthentication(request, response, chain, authResult);
chain.doFilter(request, response);
}
@Override
public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response) throws AuthenticationException, IOException, ServletException {
String token = request.getHeader("Authorization");
//code
return getAuthenticationManager().authenticate(getAuthentication(token));
}
private UsernamePasswordAuthenticationToken getAuthentication(String token) {
// code
}
问题是当我到达成功的身份验证并执行chain.doFilter时,我得到了异常 “具有根本原因的路径为[]的上下文中的servlet [dispatcherServlet]的servlet.service()引发了异常[请求处理失败;嵌套的异常为java.lang.IllegalStateException:提交响应后无法调用sendError()]并有根本原因” 而且我无法获得终点。我还注意到,即使我只登录一次,authResult也会生成许多具有相同数据的(对象?)
@Edit我现在注意到,在成功授权之后,spring试图几次到达我的控制器。第一个返回值,但是其他返回值只是丢球,我不知道为什么会有这个循环
答案 0 :(得分:0)
在super.successfulAuthentication内部做什么?如果您对HttpServletResponse对象进行了任何修改,例如,通过更改Http状态代码或ResponseEntity,您将无法再通过调用chain.doFilter(request, response)进入链中的下一个过滤器,因为响应已提交并返回给客户端。