Spring controller throwing HttpStatus.UNAUTHORIZED fires 500 Http error instead of 401
12,858
First throw new HttpUnauthorizedException();
then you can catch it at a normal controller that have @ControllerAdvice
annotation
@ControllerAdvice // To Handle Exceptions
public class ExceptionController {
//// ...........
@ExceptionHandler({HttpUnauthorizedException.class})
@ResponseBody
@ResponseStatus(value = HttpStatus.UNAUTHORIZED)
Map<String, String> unauthorizedAccess(Exception e) {
Map<String, String> exception = new HashMap<String, String>();
log.error("unauthorized Access to the API: " + e.getMessage(), e);
exception.put("code", "401");
exception.put("reason", e.getMessage());
return exception;
}
}
Author by
Shotgun
Updated on July 10, 2022Comments
-
Shotgun almost 2 years
Here's the scenario : I created the following custom response exception, to fire the 401 Http Status :
@ResponseStatus(value = HttpStatus.UNAUTHORIZED) public class HttpUnauthorizedException extends RuntimeException { }
The controller that uses the exception :
@Controller public UserController { @RequestMapping(value = "api/user") @ResponseBody public String doLogin( @RequestParam(value = "username", required = false) String username, @RequestParam(value = "password", required = false) String password) { if(userLoggedIn(String username, String password)) { return "OK"; } else { throw new HttpUnauthorizedException(); } } ... }
Now when I try to access the controller to see the 401 exception, the server fires the Http error code 500 instead. But interestingly enough, when I try with the
HttpStatus.NOT_FOUND
it actually works, the server fires 404. Is there something I'm missing on here?Thanks in advance :-)