spring security的ajax提交和json返回資料
阿新 • • 發佈:2019-01-14
版本一
ajax提交思想:用filter來實現,請求的匹配
json返回資料
public class LoginAuthenticationSuccesssHandler implements AuthenticationSuccessHandler {
static final Logger logger = LogManager.getLogger(LoginAuthenticationSuccesssHandler.class.getName());
private String defaultUrl;
public void setDefaultUrl 以後抽空完善具體程式碼,現在就說下核心思路
版本二
先直接上程式碼:
spring-security.xml的配置檔案
<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security" xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.2.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-4.0.xsd">
<http pattern="/login/**" security="none"></http>
<http auto-config="false" use-expressions="true" entry-point-ref="http403EntryPoint">
<csrf disabled="true" />
<!-- 退出 -->
<logout invalidate-session="true" logout-url="/logout.do" logout-success-url="/index.html" delete-cookies="true" />
<!-- session管理 -->
<session-management invalid-session-url="/login/timedout.do" session-fixation-protection="none"
session-authentication-error-url="/login/timedout.do">
<concurrency-control error-if-maximum-exceeded="true" expired-url="/login/timedout.do"
max-sessions="1" />
</session-management>
<!-- 攔截器 -->
<custom-filter ref="CustomUsernamePasswordAuthenticationFilter" position="FORM_LOGIN_FILTER " />
<access-denied-handler error-page="/accessDenied.htm" />
</http>
<!-- 許可權管理器 -->
<authentication-manager alias="authenticationManager">
<authentication-provider user-service-ref="userServiceDetail">
<password-encoder ref="standardPasswordEncoder" />
</authentication-provider>
</authentication-manager>
<beans:bean id="CustomUsernamePasswordAuthenticationFilter" class="u.frame.web.trade.security.ne.MyUsernamePasswordAuthenticationFilter">
<beans:property name="authenticationManager" ref="authenticationManager" />
<beans:property name="authenticationSuccessHandler" ref="customSuccessHandler" />
<beans:property name="authenticationFailureHandler" ref="failureHandler" />
<beans:property name="filterProcessesUrl" value="/j_spring_security_check.do" />
<!-- <beans:property name="usernameParameter" value="jsonUsername" /> -->
<!-- <beans:property name="passwordParameter" value="j_password" /> -->
</beans:bean>
<!-- 登入成功的處理 -->
<beans:bean id="customSuccessHandler" class="u.frame.web.trade.security.ne.MySimpleUrlAuthenticationSuccessHandler">
<beans:property name="defaultTargetUrl" value="/login.htm" />
<beans:property name="targetUrlParameter" value="/LoginSuccessful.htm" />
</beans:bean>
<!-- 登入失敗的處理 -->
<beans:bean id="failureHandler" class="u.frame.web.trade.security.ne.MySimpleUrlAuthenticationFailureHandler">
<beans:property name="defaultFailureUrl" value="/login.htm" />
</beans:bean>
<!-- 403的處理 -->
<beans:bean id="http403EntryPoint" class="org.springframework.security.web.authentication.Http403ForbiddenEntryPoint" />
<!-- 獲得使用者資訊 -->
<beans:bean id="userServiceDetail" class="u.frame.web.trade.security.old.MyUserDetailServiceImpl" />
<!-- 密碼加密工具 -->
<beans:bean id="standardPasswordEncoder" class="org.springframework.security.crypto.password.StandardPasswordEncoder">
<beans:constructor-arg value="q1w2e3r4t5y6u7i8o9" />
</beans:bean>
</beans:beans>
MyUsernamePasswordAuthenticationFilter.java
package u.frame.web.trade.security.ne;
import java.io.BufferedReader;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import com.fasterxml.jackson.databind.ObjectMapper;
import u.frame.web.trade.model.Login;
public class MyUsernamePasswordAuthenticationFilter extends UsernamePasswordAuthenticationFilter {
private String jsonUsername;
private String jsonPassword;
@Override
protected String obtainPassword(HttpServletRequest request) {
String password = null;
if (checkJson(request)) {
password = this.jsonPassword;
} else {
password = super.obtainPassword(request);
}
return password;
}
@Override
protected String obtainUsername(HttpServletRequest request) {
String username = null;
if (checkJson(request)) {
username = this.jsonUsername;
} else {
username = super.obtainUsername(request);
}
return username;
}
@Override
public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response) {
if (checkJson(request)) {
try {
/*
* HttpServletRequest can be read only once
*/
StringBuffer sb = new StringBuffer();
String line = null;
BufferedReader reader = request.getReader();
while ((line = reader.readLine()) != null) {
sb.append(line);
}
// json transformation
ObjectMapper mapper = new ObjectMapper();
Login login = mapper.readValue(sb.toString(), Login.class);
this.jsonUsername = login.getUserName();
this.jsonPassword = login.getPassWord();
return new UsernamePasswordAuthenticationToken(jsonUsername, jsonPassword);
} catch (Exception e) {
e.printStackTrace();
}
}
return super.attemptAuthentication(request, response);
}
public boolean checkJson(HttpServletRequest request) {
if ("application/json".equals(request.getHeader("Content-Type"))) {
return true;
}
return false;
}
}
MySimpleUrlAuthenticationSuccessHandler.java
package u.frame.web.trade.security.ne;
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.security.core.Authentication;
import org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler;
public class MySimpleUrlAuthenticationSuccessHandler extends SimpleUrlAuthenticationSuccessHandler {
public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication auth)
throws IOException, ServletException {
if ("application/json".equals(request.getHeader("Content-Type"))) {
/*
* USED if you want to AVOID redirect to LoginSuccessful.htm in JSON authentication
*/
response.getWriter().print("{\"responseCode\":\"SUCCESS\"}");
response.getWriter().flush();
} else {
super.onAuthenticationSuccess(request, response, auth);
}
}
}
MySimpleUrlAuthenticationFailureHandler.java
package u.frame.web.trade.security.ne;
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler;
public class MySimpleUrlAuthenticationFailureHandler extends SimpleUrlAuthenticationFailureHandler {
@Override
public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response, AuthenticationException exception)
throws IOException, ServletException {
if ("application/json".equals(request.getHeader("Content-Type"))) {
/*
* USED if you want to AVOID redirect to LoginSuccessful.htm in JSON authentication
*/
response.getWriter().print("{\"responseCode\":\"Failure\"}");
response.getWriter().flush();
} else {
// TODO Auto-generated method stub
super.onAuthenticationFailure(request, response, exception);
}
}
}
MyUserDetailServiceImpl.java
package u.frame.web.trade.security.old;
import java.util.HashSet;
import java.util.Set;
import org.apache.commons.lang3.StringUtils;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.crypto.password.StandardPasswordEncoder;
import u.frame.web.trade.model.Login;
public class MyUserDetailServiceImpl implements UserDetailsService {
static final Logger logger = LogManager.getLogger(MyUserDetailServiceImpl.class.getName());
@Autowired
private StandardPasswordEncoder standardPasswordEncoder;
@Override
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
if (StringUtils.isEmpty(username)) {
throw new UsernameNotFoundException("使用者名稱不可為空!");
}
//測試用的
if (!"123".equals(username)) {
throw new UsernameNotFoundException("error");
}
Login login = new Login();
login.setUserName(username);
login.setPassWord(standardPasswordEncoder.encode("123"));
logger.info(username);
boolean enabled = true;
boolean accountNonExpired = true;
boolean credentialsNonExpired = true;
boolean accountNonLocked = true;
Set<GrantedAuthority> authorities = new HashSet<GrantedAuthority>();
return new org.springframework.security.core.userdetails.User(//
login.getUserName(), //
// user.getUserPassword()+"{"+user.getUserName()+"}",
login.getPassWord(), //
enabled, //
accountNonExpired, //
credentialsNonExpired, //
accountNonLocked, //
authorities//
);
}
}整體思想,就是filter過濾攔截。
版本三
不多說,直接上程式碼
applicationContext-security.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security" xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.2.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-4.0.xsd">
<!-- 不需要攔截 -->
<http pattern="/login/**" security="none"></http>
<http auto-config="false" use-expressions="true" entry-point-ref="http403EntryPoint">
<csrf disabled="true" />
<headers>
<frame-options policy="SAMEORIGIN" />
<cache-control disabled="true" />
<content-type-options disabled="true" />
</headers>
<logout invalidate-session="true" logout-url="/login/logout.do" logout-success-url="/login/success.do" delete-cookies="true" />
<session-management invalid-session-url="/login/timedout.do" session-fixation-protection="none"
session-authentication-error-url="/login/timedout.do">
<concurrency-control error-if-maximum-exceeded="false" expired-url="/login/timedout.do" max-sessions="1" />
</session-management>
<!-- filter_security_interceptor -->
<custom-filter ref="mySecurityFilter" before="FILTER_SECURITY_INTERCEPTOR" />
<!-- form_login_filter -->
<custom-filter ref="CustomUsernamePasswordAuthenticationFilter" before="FORM_LOGIN_FILTER" />
</http>
<beans:bean id="CustomUsernamePasswordAuthenticationFilter" class="u.frame.web.trade.security.ne.MyUsernamePasswordAuthenticationFilter">
<beans:property name="authenticationManager" ref="authenticationManager" />
<beans:property name="authenticationSuccessHandler" ref="successHandler" />
<beans:property name="authenticationFailureHandler" ref="failureHandler" />
<beans:property name="filterProcessesUrl" value="/logincheck1.do" />
<!-- <beans:property name="usernameParameter" value="jsonUsername" /> -->
<!-- <beans:property name="passwordParameter" value="j_password" /> -->
</beans:bean>
<!-- 自定義過濾器 -->
<beans:bean id="mySecurityFilter" class="u.frame.web.trade.security.old.MyFilterSecurityInterceptor" />
<!-- =========== -->
<!-- =========== -->
<!-- =========== -->
<!-- =========== -->
<!-- =========== -->
<!-- =========== -->
<!-- =========== -->
<!-- =========== -->
<!-- 認證管理器 -->
<!--驗證配置,認證管理器,實現使用者認證的入口,主要實現UserDetailsService介面即可 -->
<authentication-manager alias="authenticationManager">
<authentication-provider user-service-ref="userServiceDetail">
<password-encoder ref="standardPasswordEncoder" />
</authentication-provider>
</authentication-manager>
<!-- 登入成功的處理 -->
<beans:bean id="successHandler" class="u.frame.web.trade.security.ne.MySimpleUrlAuthenticationSuccessHandler">
<beans:property name="defaultTargetUrl" value="/login/success.do" />
<!-- <beans:property name="targetUrlParameter" value="/LoginSuccessful.htm" /> -->
</beans:bean>
<!-- 登入失敗的處理 -->
<beans:bean id="failureHandler" class="u.frame.web.trade.security.ne.MySimpleUrlAuthenticationFailureHandler">
<beans:property name="defaultFailureUrl" value="/login/error.do" />
</beans:bean>
<!-- 403的處理 -->
<beans:bean id="http403EntryPoint" class="org.springframework.security.web.authentication.Http403ForbiddenEntryPoint" />
<!-- 獲得使用者資訊 -->
<beans:bean id="userServiceDetail" class="u.frame.web.trade.security.old.MyUserDetailServiceImpl" />
<!-- 密碼加密工具 -->
<beans:bean id="standardPasswordEncoder" class="org.springframework.security.crypto.password.StandardPasswordEncoder">
<beans:constructor-arg value="q1w2e3r4t5y6u7i8o9p0" />
</beans:bean>
</beans:beans>
MyUsernamePasswordAuthenticationFilter.java
package u.frame.web.trade.security.ne;
import java.io.BufferedReader;
import java.io.IOException;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import com.fasterxml.jackson.databind.ObjectMapper;
import u.frame.web.trade.model.Login;
public class MyUsernamePasswordAuthenticationFilter extends UsernamePasswordAuthenticationFilter {
static Log log = LogFactory.getLog(MySimpleUrlAuthenticationFailureHandler.class);
// 使用者的登入資訊
private Login login;
@Override
protected String obtainPassword(HttpServletRequest request) {
System.out.println("MyUsernamePasswordAuthenticationFilter-obtainPassword");
if (checkJson(request)) {
if (login != null) {
return login.getPassWord();
}
}
// }
return super.obtainPassword(request);
}
@Override
protected String obtainUsername(HttpServletRequest request) {
System.out.println("MyUsernamePasswordAuthenticationFilter-obtainUsername");
if (checkJson(request)) {
if (login != null) {
return login.getUserName();
}
}
return super.obtainUsername(request);
}
public boolean checkJson(HttpServletRequest request) {
try {
if ("application/json".equals(request.getHeader("Content-Type"))) {
StringBuffer sb = new StringBuffer();
String line = null;
BufferedReader reader;
reader = request.getReader();
while ((line = reader.readLine()) != null) {
sb.append(line);
}
if (StringUtils.isNotEmpty(sb.toString())) {
ObjectMapper mapper = new ObjectMapper();
login = mapper.readValue(sb.toString(), Login.class);
}
return true;
}
} catch (IOException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
return false;
}
}
說明:
簡單的說,就是重寫http/form-login,使用http/form-login的另一種形式UsernamePasswordAuthenticationFilter就可以了。
版本4
為了解決UsernameNotFoundException的異常丟擲問題
直接上程式碼:
applicationContext-security.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans" xmlns:security="http://www.springframework.org/schema/security" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.2.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-4.0.xsd">
<!-- 不需要攔截 -->
<security:http pattern="/login/**" security="none"></security:http>
<security:http auto-config="false" use-expressions="true" entry-point-ref="http403EntryPoint">
<security:csrf disabled="true" />
<security:headers>
<security:frame-options policy="SAMEORIGIN" />
<security:cache-control disabled="true" />
<security:content-type-options disabled="true" />
</security:headers>
<!-- 退出 -->
<security:logout invalidate-session="true" logout-url="/login/logout.do" logout-success-url="/login/outSuccess.do"
delete-cookies="true" />
<!-- session超時 -->
<security:session-management invalid-session-url="/login/timedout.do" session-fixation-protection="none"
session-authentication-error-url="/login/timedout.do">
<security:concurrency-control error-if-maximum-exceeded="false" expired-url="/login/timedout.do"
max-sessions="1" />
</security:session-management>
<!-- filter_security_interceptor -->
<security:custom-filter ref="mySecurityFilter" before="FILTER_SECURITY_INTERCEPTOR" />
<!-- form_login_filter -->
<security:custom-filter ref="CustomUsernamePasswordAuthenticationFilter" before="FORM_LOGIN_FILTER" />
</security:http>
<bean id="CustomUsernamePasswordAuthenticationFilter" class="u.frame.web.trade.security.MyUsernamePasswordAuthenticationFilter">
<property name="authenticationManager" ref="authenticationManager" />
<property name="authenticationSuccessHandler" ref="successHandler" />
<property name="authenticationFailureHandler" ref="failureHandler" />
<property name="filterProcessesUrl" value="/logincheck.do" />
</bean>
<!-- 自定義過濾器 -->
<bean id="mySecurityFilter" class="u.frame.web.trade.security.MyFilterSecurityInterceptor" />
<!-- 認證管理器 -->
<bean id="authenticationManager" class="org.springframework.security.authentication.ProviderManager">
<constructor-arg>
<list>
<ref bean="daoAuthenticationProvider" />
</list>
</constructor-arg>
</bean>
<!-- 認證提供類 -->
<bean id="daoAuthenticationProvider" class="org.springframework.security.authentication.dao.DaoAuthenticationProvider">
<property name="userDetailsService" ref="userServiceDetail" />
<property name="passwordEncoder" ref="standardPasswordEncoder" />
<!--不隱藏錯誤-->
<property name="hideUserNotFoundExceptions" value="false" />
</bean>
<!-- 登入成功的處理 -->
<bean id="successHandler" class="u.frame.web.trade.security.MySimpleUrlAuthenticationSuccessHandler">
<property name="defaultTargetUrl" value="/login/success.do" />
<!-- <property name="targetUrlParameter" value="/LoginSuccessful.htm" /> -->
</bean>
<!-- 登入失敗的處理 -->
<bean id="failureHandler" class="u.frame.web.trade.security.MySimpleUrlAuthenticationFailureHandler">
<property name="defaultFailureUrl" value="/login/error.do" />
</bean>
<!-- 403的處理 -->
<bean id="http403EntryPoint" class="org.springframework.security.web.authentication.Http403ForbiddenEntryPoint" />
<!-- 獲得使用者資訊 -->
<bean id="userServiceDetail" class="u.frame.web.trade.security.MyUserDetailServiceImpl" />
<!-- 密碼加密工具 -->
<bean id="standardPasswordEncoder" class="org.springframework.security.crypto.password.StandardPasswordEncoder">
<constructor-arg value="q1w2e3r4t5y6u7i8o9" />
</bean>
</beans>
相關推薦
spring security的ajax提交和json返回資料
版本一 ajax提交思想:用filter來實現,請求的匹配 json返回資料 public class LoginAuthenticationSuccesssHandler implements AuthenticationSuccessHandler
Spring mvc,jQuery和JSON資料互動
一、實驗環境的搭建 1、Spring mvc jar。 匯入spring mvc執行所需jar包。匯入如下(有多餘) 2、json的支援jar 3、加入jQuery。
下拉框只顯示最初下拉框中的值和json返回array的交集
sel .text json down emp tno append length drop 首先我們可以遍歷dropdown var array = new Array(); $("#select option").each(function(j){ array[j]=
對 spring中的 @RequestBody json 請求資料做 XSS過濾
關於xss過濾,網上大都是是對 param的,這個很多文章了 定義過濾器。XSSFilter 不說了, 還有就是對所有@ResponseBody 返回內容做XSS過濾的方案: MappingJackson2HttpMessageConverter 的objectMap
獲取request請求中post提交的JSON格式資料 並轉化成bean
專案在互動過程中,一般會使用json格式進行資料的傳輸 . 需要把一些實體bean轉換成json格式, 有需要把json格式轉化成bean. 下面就是一個工具類,使用者 json串和java bean之間相互轉換 import org.codehaus.jack
實現xml和json格式資料——單例模式的Db類(第二篇)
上一篇只是實現了xml和json格式資料的類的封裝,不過它是沒有資料的來源的;因此,本篇文章是封裝一個呼叫資料庫資料的方法,視訊裡面用的是mysql_connect()等函式,不過現在用這些函式會出現notice,因為這些函式已經過時了,將來可能不會再用到;其實
通過Intent傳送和接收返回資料
一、在Activity中通過Intent傳送資料給下一個活動 //在當前活動配置帶有傳送資料的intent Intent intent = new Intent(context,nextActivity.class); intent.putExtra("Extra_dat
java post請求的表單提交和json提交簡單小結
在java實現http請求時有分為多種引數的傳遞方式,以下給出通過form表單提交和json提交的引數傳遞方式: 1 public String POST_FORM(String url, Map<String,String> map,String encoding) throws Pa
表單提交和json提交
背景在前後端分離的開發組中,前端通常對自己程式碼組織的比較細緻,都會對AJAX,或者小程式API做封裝。而很多前端開發對後端介面要求的傳參 一頭霧水,後端開發人員對HTTP一知半解,傳參接收不到,說不清楚,互相推脫,誰誰應該改傳參方式。HTTP協議中:Content-Type
Spring mvc 通過@ResponseBody註解返回資料
@ResponseBody 作用: 該註解用於將Controller的方法返回的物件,根據HTTP Request Header的Accept的內容,通過適當的HttpMessageConverter轉換為指定格式後,寫入到Response物件的bo
Robotframework實現Dictionary資料和Json格式資料自由轉換
在Robotframework中進行介面協議測試時,需要實現Dictionary資料和Json格式資料自由轉換,便於資料構造方便快捷。本文章主要講解如何實現兩者之前的自由轉換。 一、首先Dictionary資料和Json格式資料自由轉換需要依賴python裡面的demjso
關於Laravel中使用response()方法呼叫json()返回資料unicode編碼轉換的問題解決
在網上找了好久沒有找到,之後一步一步測試,發現了Laravel還是很強大的,解決方案如下: public function response(){ // 返回json資料 $data = [ 'errCode'
安卓開發之解析XML和JSON格式資料
參考書作者:郭霖我會將所學的知識簡單記錄下來以便於大家快速查閱資料,另外郭霖大俠沒有提到的東西我也會作出補充我們通常情況下,每個需要訪問網路的應用程式都會有一個自己的伺服器,我們可以向伺服器提交資料,也可以從伺服器上獲取資料。在網路上傳輸資料時最常用的格式用兩種:XML和JS
SpringBoot+Jpa 在MySql中自動生成時間和返回json格式資料時間格式配置
先說資料時間格式的設定 有兩種 一種是:可以在apllication.property加入下面配置就可以 #時間戳統一轉換 spring.jackson.date-format=yyyy-MM-dd HH:mm:ss spring.jackson.time-zone=
Spring Boot之 Controller 接收引數和返回資料總結(包括上傳、下載檔案)
一、接收引數(postman傳送) 1.form表單 @RequestParam("name") String name 會把傳遞過來的Form表單中的name對應到formData方法的nam
Spring boot專案設定返回資料為JSON固定格式
package com.test.config; import com.test.entity.ResponseTemplate; import org.springframework.core.MethodParameter; import org.springframework.http.MediaTy
spring 設定返回資料格式及json的fastjson配置
spring mvc配置檔案當中新增如下內容,實現responsebody返回String的編碼設定, 並且使用fastjson作為json解析器,自動解析java物件作為返回: <!--
spring boot最新教程(四):返回json資料以及整合fastjson的使用
一 利用spring boot自帶的包Jackson來解析json資料我們在編寫介面的時候,時常會有需求返回json資料,那麼在spring boot應該怎麼操作呢?主要是在class中加入註解@RestController。關於@RestController請參考我的博文
Spring MVC全域性異常後返回JSON異常資料
問題: 當前專案是作為手機APP後臺支援,使用spring mvc + mybaits + shiro進行開發。後臺服務與手機端互動是傳送JSON資料。如果後臺發生異常,會直接返回異常頁面,顯示異常內容,如果是404請求不到資源或者500這類伺服器的問題,可能會導致返回404和500異常
Spring返回JSON時資料欄位丟失
在實現一個許可權管理系統過程中,使用者登入後需要返回該使用者可使用的介面地址。可是在返回資料中發少了一些資訊。接下來直接看程式碼。 簡單的來說就是獲取該表的所有資訊。可是得到的結果卻是這樣的。。 很明顯只獲取到了id,並沒有得到outlink欄位資訊