当用户在Spring启动应用程序中输入无效URL时,如何显示自定义404页面?
我在spring boot,spring安全应用程序中使用java配置。 我已将错误控制器配置如下。 但每当我输入一个无效的URL时,它会转到error.jsp ,它被配置为处理应用程序中的错误:
@Controller public class AppErrorController implements ErrorController { private static final String PATH = "/error"; @RequestMapping(value = "/pageNotFound", method = { RequestMethod.GET, RequestMethod.POST }) public String pageNotFound() { return "pageNotFound"; } @RequestMapping(value = "/accessDenied", method = { RequestMethod.GET, RequestMethod.POST }) public String accessDenied() { return "accessDenied"; } @RequestMapping(value = PATH) public String error() { return "error"; } @Override public String getErrorPath() { return PATH; } }
web.xml中
404 /pageNotFound 500 /error
输入无效URL时,永远不会抛出404。
另外,我没有使用嵌入式tomcat。 我正在向外部tomcat部署战争。 我在application.yml文件中有这个:
server: error: whitelabel: enabled: false
以下是我输入无效url时的登录情况。 没有错误。 它只是在无效URL的情况下重定向到/error :
2016-03-15 10:02:45.061 DEBUG 9997 --- [io-8080-exec-22] osbcweb.OrderedRequestContextFilter : Bound request context to thread: org.apache.catalina.connector.RequestFacade@371ef2a3 2016-03-15 10:02:45.061 DEBUG 9997 --- [io-8080-exec-22] osswumatcher.AntPathRequestMatcher : Checking match of request : '/donotexisturl'; against '/static/**' 2016-03-15 10:02:45.061 DEBUG 9997 --- [io-8080-exec-22] osswumatcher.AntPathRequestMatcher : Checking match of request : '/donotexisturl'; against '/i18n/**' 2016-03-15 10:02:45.061 DEBUG 9997 --- [io-8080-exec-22] ossecurity.web.FilterChainProxy : /doNotExistURL at position 1 of 13 in additional filter chain; firing Filter: 'WebAsyncManagerIntegrationFilter' 2016-03-15 10:02:45.061 DEBUG 9997 --- [io-8080-exec-22] ossecurity.web.FilterChainProxy : /doNotExistURL at position 2 of 13 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter' 2016-03-15 10:02:45.061 DEBUG 9997 --- [io-8080-exec-22] wcHttpSessionSecurityContextRepository : Obtained a valid SecurityContext from SPRING_SECURITY_CONTEXT: 'org.springframework.security.core.context.SecurityContextImpl@b8db0c9d: Authentication: org.springframework.security.authentication.UsernamePasswordAuthenticationToken@b8db0c9d: Principal: User{id=8, firstname='Adam', lastname='Milne', email='adam.milne@abcd.com', roleId=1}; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@fffd148a: RemoteIpAddress: 127.0.0.1; SessionId: FED1F23633671F6E257CA9C5AFCEE216; Granted Authorities: ModuleOperation{moduleOperationId=1, moduleOperationName='roleList', moduleId=2, moduleName='role'}, ModuleOperation{moduleOperationId=8, moduleOperationName='deleteUser', moduleId=1, moduleName='user'}' 2016-03-15 10:02:45.061 DEBUG 9997 --- [io-8080-exec-22] ossecurity.web.FilterChainProxy : /doNotExistURL at position 3 of 13 in additional filter chain; firing Filter: 'HeaderWriterFilter' 2016-03-15 10:02:45.061 DEBUG 9997 --- [io-8080-exec-22] osswheader.writers.HstsHeaderWriter : Not injecting HSTS header since it did not match the requestMatcher org.springframework.security.web.header.writers.HstsHeaderWriter$SecureRequestMatcher@6e929f31 2016-03-15 10:02:45.061 DEBUG 9997 --- [io-8080-exec-22] ossecurity.web.FilterChainProxy : /doNotExistURL at position 4 of 13 in additional filter chain; firing Filter: 'CsrfFilter' 2016-03-15 10:02:45.061 DEBUG 9997 --- [io-8080-exec-22] ossecurity.web.FilterChainProxy : /doNotExistURL at position 5 of 13 in additional filter chain; firing Filter: 'LogoutFilter' 2016-03-15 10:02:45.061 DEBUG 9997 --- [io-8080-exec-22] osswumatcher.AntPathRequestMatcher : Request 'GET /donotexisturl' doesn't match 'POST /logout 2016-03-15 10:02:45.061 DEBUG 9997 --- [io-8080-exec-22] ossecurity.web.FilterChainProxy : /doNotExistURL at position 6 of 13 in additional filter chain; firing Filter: 'UsernamePasswordAuthenticationFilter' 2016-03-15 10:02:45.061 DEBUG 9997 --- [io-8080-exec-22] osswumatcher.AntPathRequestMatcher : Request 'GET /donotexisturl' doesn't match 'POST /checklogin 2016-03-15 10:02:45.062 DEBUG 9997 --- [io-8080-exec-22] ossecurity.web.FilterChainProxy : /doNotExistURL at position 7 of 13 in additional filter chain; firing Filter: 'ConcurrentSessionFilter' 2016-03-15 10:02:45.062 DEBUG 9997 --- [io-8080-exec-22] ossecurity.web.FilterChainProxy : /doNotExistURL at position 8 of 13 in additional filter chain; firing Filter: 'RequestCacheAwareFilter' 2016-03-15 10:02:45.062 DEBUG 9997 --- [io-8080-exec-22] ossecurity.web.FilterChainProxy : /doNotExistURL at position 9 of 13 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter' 2016-03-15 10:02:45.062 DEBUG 9997 --- [io-8080-exec-22] ossecurity.web.FilterChainProxy : /doNotExistURL at position 10 of 13 in additional filter chain; firing Filter: 'AnonymousAuthenticationFilter' 2016-03-15 10:02:45.062 DEBUG 9997 --- [io-8080-exec-22] osswaAnonymousAuthenticationFilter : SecurityContextHolder not populated with anonymous token, as it already contained: 'org.springframework.security.authentication.UsernamePasswordAuthenticationToken@b8db0c9d: Principal: User{id=8, firstname='Adam', lastname='Milne', email='adam.milne@abcd.com', roleId=1}; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@fffd148a: RemoteIpAddress: 127.0.0.1; SessionId: FED1F23633671F6E257CA9C5AFCEE216; Granted Authorities: ModuleOperation{moduleOperationId=1, moduleOperationName='roleList', moduleId=2, moduleName='role'}, ModuleOperation{moduleOperationId=8, moduleOperationName='deleteUser', moduleId=1, moduleName='user'}' 2016-03-15 10:02:45.062 DEBUG 9997 --- [io-8080-exec-22] ossecurity.web.FilterChainProxy : /doNotExistURL at position 11 of 13 in additional filter chain; firing Filter: 'SessionManagementFilter' 2016-03-15 10:02:45.062 DEBUG 9997 --- [io-8080-exec-22] ossecurity.web.FilterChainProxy : /doNotExistURL at position 12 of 13 in additional filter chain; firing Filter: 'ExceptionTranslationFilter' 2016-03-15 10:02:45.062 DEBUG 9997 --- [io-8080-exec-22] ossecurity.web.FilterChainProxy : /doNotExistURL at position 13 of 13 in additional filter chain; firing Filter: 'FilterSecurityInterceptor' 2016-03-15 10:02:45.062 DEBUG 9997 --- [io-8080-exec-22] osswumatcher.AntPathRequestMatcher : Request 'GET /donotexisturl' doesn't match 'POST /logout 2016-03-15 10:02:45.062 DEBUG 9997 --- [io-8080-exec-22] osswumatcher.AntPathRequestMatcher : Checking match of request : '/donotexisturl'; against '/login**' 2016-03-15 10:02:45.062 DEBUG 9997 --- [io-8080-exec-22] osswumatcher.AntPathRequestMatcher : Checking match of request : '/donotexisturl'; against '/error**' 2016-03-15 10:02:45.062 DEBUG 9997 --- [io-8080-exec-22] osswumatcher.AntPathRequestMatcher : Checking match of request : '/donotexisturl'; against '/checklogin**' 2016-03-15 10:02:45.062 DEBUG 9997 --- [io-8080-exec-22] osswaiFilterSecurityInterceptor : Secure object: FilterInvocation: URL: /doNotExistURL; Attributes: [fullyAuthenticated] 2016-03-15 10:02:45.062 DEBUG 9997 --- [io-8080-exec-22] osswaiFilterSecurityInterceptor : Previously Authenticated: org.springframework.security.authentication.UsernamePasswordAuthenticationToken@b8db0c9d: Principal: User{id=8, firstname='Adam', lastname='Milne', email='adam.milne@abcd.com', roleId=1}; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@fffd148a: RemoteIpAddress: 127.0.0.1; SessionId: FED1F23633671F6E257CA9C5AFCEE216; Granted Authorities: ModuleOperation{moduleOperationId=1, moduleOperationName='roleList', moduleId=2, moduleName='role'}, ModuleOperation{moduleOperationId=8, moduleOperationName='deleteUser', moduleId=1, moduleName='user'} 2016-03-15 10:02:45.062 DEBUG 9997 --- [io-8080-exec-22] ossecurity.access.vote.UnanimousBased : Voter: org.springframework.security.web.access.expression.WebExpressionVoter@6ad88564, returned: 1 2016-03-15 10:02:45.062 DEBUG 9997 --- [io-8080-exec-22] ossecurity.access.vote.UnanimousBased : Voter: org.springframework.security.access.vote.AuthenticatedVoter@19007bb6, returned: 0 2016-03-15 10:02:45.062 DEBUG 9997 --- [io-8080-exec-22] ossecurity.access.vote.UnanimousBased : Voter: com.sts.app.core.user.security.AccessDecisionVoterImpl@1465b821, returned: 1 2016-03-15 10:02:45.062 DEBUG 9997 --- [io-8080-exec-22] osswaiFilterSecurityInterceptor : Authorization successful 2016-03-15 10:02:45.062 DEBUG 9997 --- [io-8080-exec-22] osswaiFilterSecurityInterceptor : RunAsManager did not change Authentication object 2016-03-15 10:02:45.062 DEBUG 9997 --- [io-8080-exec-22] ossecurity.web.FilterChainProxy : /doNotExistURL reached end of additional filter chain; proceeding with original chain 2016-03-15 10:02:45.062 DEBUG 9997 --- [io-8080-exec-22] osweb.servlet.DispatcherServlet : DispatcherServlet with name 'dispatcherServlet' processing GET request for [/gen/doNotExistURL] 2016-03-15 10:02:45.063 DEBUG 9997 --- [io-8080-exec-22] swsmmaRequestMappingHandlerMapping : Looking up handler method for path /doNotExistURL 2016-03-15 10:02:45.064 DEBUG 9997 --- [io-8080-exec-22] swsmmaRequestMappingHandlerMapping : Did not find handler method for [/doNotExistURL] 2016-03-15 10:02:45.064 DEBUG 9997 --- [io-8080-exec-22] oswshandler.SimpleUrlHandlerMapping : Matching patterns for request [/doNotExistURL] are [/**] 2016-03-15 10:02:45.064 DEBUG 9997 --- [io-8080-exec-22] oswshandler.SimpleUrlHandlerMapping : URI Template variables for request [/doNotExistURL] are {} 2016-03-15 10:02:45.064 DEBUG 9997 --- [io-8080-exec-22] oswshandler.SimpleUrlHandlerMapping : Mapping [/doNotExistURL] to HandlerExecutionChain with handler [ResourceHttpRequestHandler [locations=[ServletContext resource [/], class path resource [META-INF/resources/], class path resource [resources/], class path resource [static/], class path resource [public/]], resolvers=[org.springframework.web.servlet.resource.PathResourceResolver@87dd2cb]]] and 1 interceptor 2016-03-15 10:02:45.064 DEBUG 9997 --- [io-8080-exec-22] osweb.servlet.DispatcherServlet : Last-Modified value for [/gen/doNotExistURL] is: -1 2016-03-15 10:02:45.077 DEBUG 9997 --- [io-8080-exec-22] osweb.servlet.DispatcherServlet : Null ModelAndView returned to DispatcherServlet with name 'dispatcherServlet': assuming HandlerAdapter completed request handling 2016-03-15 10:02:45.078 DEBUG 9997 --- [io-8080-exec-22] osweb.servlet.DispatcherServlet : Successfully completed request 2016-03-15 10:02:45.078 DEBUG 9997 --- [io-8080-exec-22] osswaExceptionTranslationFilter : Chain processed normally 2016-03-15 10:02:45.078 DEBUG 9997 --- [io-8080-exec-22] sswcSecurityContextPersistenceFilter : SecurityContextHolder now cleared, as request processing completed 2016-03-15 10:02:45.078 DEBUG 9997 --- [io-8080-exec-22] osbcweb.OrderedRequestContextFilter : Cleared thread-bound request context: org.apache.catalina.connector.RequestFacade@371ef2a3 2016-03-15 10:02:45.078 DEBUG 9997 --- [io-8080-exec-22] osbcweb.OrderedRequestContextFilter : Bound request context to thread: org.apache.catalina.core.ApplicationHttpRequest@20ae74b1 2016-03-15 10:02:45.078 DEBUG 9997 --- [io-8080-exec-22] osswumatcher.AntPathRequestMatcher : Checking match of request : '/error'; against '/static/**' 2016-03-15 10:02:45.078 DEBUG 9997 --- [io-8080-exec-22] osswumatcher.AntPathRequestMatcher : Checking match of request : '/error'; against '/i18n/**' 2016-03-15 10:02:45.078 DEBUG 9997 --- [io-8080-exec-22] ossecurity.web.FilterChainProxy : /error at position 1 of 13 in additional filter chain; firing Filter: 'WebAsyncManagerIntegrationFilter' 2016-03-15 10:02:45.078 DEBUG 9997 --- [io-8080-exec-22] ossecurity.web.FilterChainProxy : /error at position 2 of 13 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter' 2016-03-15 10:02:45.078 DEBUG 9997 --- [io-8080-exec-22] wcHttpSessionSecurityContextRepository : Obtained a valid SecurityContext from SPRING_SECURITY_CONTEXT: 'org.springframework.security.core.context.SecurityContextImpl@b8db0c9d: Authentication: org.springframework.security.authentication.UsernamePasswordAuthenticationToken@b8db0c9d: Principal: User{id=8, firstname='Adam', lastname='Milne', email='adam.milne@abcd.com', roleId=1}; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@fffd148a: RemoteIpAddress: 127.0.0.1; SessionId: FED1F23633671F6E257CA9C5AFCEE216; Granted Authorities: ModuleOperation{moduleOperationId=1, moduleOperationName='roleList', moduleId=2, moduleName='role'}, ModuleOperation{moduleOperationId=8, moduleOperationName='deleteUser', moduleId=1, moduleName='user'}' 2016-03-15 10:02:45.078 DEBUG 9997 --- [io-8080-exec-22] ossecurity.web.FilterChainProxy : /error at position 3 of 13 in additional filter chain; firing Filter: 'HeaderWriterFilter' 2016-03-15 10:02:45.078 DEBUG 9997 --- [io-8080-exec-22] ossecurity.web.FilterChainProxy : /error at position 4 of 13 in additional filter chain; firing Filter: 'CsrfFilter' 2016-03-15 10:02:45.078 DEBUG 9997 --- [io-8080-exec-22] ossecurity.web.FilterChainProxy : /error at position 5 of 13 in additional filter chain; firing Filter: 'LogoutFilter' 2016-03-15 10:02:45.078 DEBUG 9997 --- [io-8080-exec-22] osswumatcher.AntPathRequestMatcher : Request 'GET /error' doesn't match 'POST /logout 2016-03-15 10:02:45.078 DEBUG 9997 --- [io-8080-exec-22] ossecurity.web.FilterChainProxy : /error at position 6 of 13 in additional filter chain; firing Filter: 'UsernamePasswordAuthenticationFilter' 2016-03-15 10:02:45.078 DEBUG 9997 --- [io-8080-exec-22] osswumatcher.AntPathRequestMatcher : Request 'GET /error' doesn't match 'POST /checklogin 2016-03-15 10:02:45.079 DEBUG 9997 --- [io-8080-exec-22] ossecurity.web.FilterChainProxy : /error at position 7 of 13 in additional filter chain; firing Filter: 'ConcurrentSessionFilter' 2016-03-15 10:02:45.079 DEBUG 9997 --- [io-8080-exec-22] ossecurity.web.FilterChainProxy : /error at position 8 of 13 in additional filter chain; firing Filter: 'RequestCacheAwareFilter' 2016-03-15 10:02:45.079 DEBUG 9997 --- [io-8080-exec-22] ossecurity.web.FilterChainProxy : /error at position 9 of 13 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter' 2016-03-15 10:02:45.079 DEBUG 9997 --- [io-8080-exec-22] ossecurity.web.FilterChainProxy : /error at position 10 of 13 in additional filter chain; firing Filter: 'AnonymousAuthenticationFilter' 2016-03-15 10:02:45.079 DEBUG 9997 --- [io-8080-exec-22] osswaAnonymousAuthenticationFilter : SecurityContextHolder not populated with anonymous token, as it already contained: 'org.springframework.security.authentication.UsernamePasswordAuthenticationToken@b8db0c9d: Principal: User{id=8, firstname='Adam', lastname='Milne', email='adam.milne@abcd.com', roleId=1}; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@fffd148a: RemoteIpAddress: 127.0.0.1; SessionId: FED1F23633671F6E257CA9C5AFCEE216; Granted Authorities: ModuleOperation{moduleOperationId=1, moduleOperationName='roleList', moduleId=2, moduleName='role'}, ModuleOperation{moduleOperationId=8, moduleOperationName='deleteUser', moduleId=1, moduleName='user'}' 2016-03-15 10:02:45.079 DEBUG 9997 --- [io-8080-exec-22] ossecurity.web.FilterChainProxy : /error at position 11 of 13 in additional filter chain; firing Filter: 'SessionManagementFilter' 2016-03-15 10:02:45.079 DEBUG 9997 --- [io-8080-exec-22] ossecurity.web.FilterChainProxy : /error at position 12 of 13 in additional filter chain; firing Filter: 'ExceptionTranslationFilter' 2016-03-15 10:02:45.079 DEBUG 9997 --- [io-8080-exec-22] ossecurity.web.FilterChainProxy : /error at position 13 of 13 in additional filter chain; firing Filter: 'FilterSecurityInterceptor' 2016-03-15 10:02:45.079 DEBUG 9997 --- [io-8080-exec-22] ossecurity.web.FilterChainProxy : /error reached end of additional filter chain; proceeding with original chain 2016-03-15 10:02:45.079 DEBUG 9997 --- [io-8080-exec-22] osweb.servlet.DispatcherServlet : DispatcherServlet with name 'dispatcherServlet' processing GET request for [/gen/error] 2016-03-15 10:02:45.079 DEBUG 9997 --- [io-8080-exec-22] swsmmaRequestMappingHandlerMapping : Looking up handler method for path /error 2016-03-15 10:02:45.079 DEBUG 9997 --- [io-8080-exec-22] swsmmaRequestMappingHandlerMapping : Returning handler method [public java.lang.String com.sts.app.core.common.web.AppErrorController.error()]
首先,为您要处理的每个特殊HTTP错误定义一个例外。 在这里,我只是定义一个处理404 Not Found案例:
public class NotFoundException extends RuntimeException {}
要完全替换默认的Spring Boot的error handling机制,我们可以实现ErrorController 。 而不仅仅是实现ErrorController ,这里我扩展了AbstractErrorController ,它实现了ErrorController并提供了一些辅助方法,如getStatus() 。
无论如何,基本思想是使用端点处理所有错误,例如/error ,并在相应的HTTP状态代码的情况下抛出这些预定义的exception:
@Controller public class CustomErrorController extends AbstractErrorController { private static final String ERROR_PATH= "/error"; @Autowired public CustomErrorController(ErrorAttributes errorAttributes) { super(errorAttributes); } /** * Just catching the {@linkplain NotFoundException} exceptions and render * the 404.jsp error page. */ @ExceptionHandler(NotFoundException.class) public String notFound() { return "404"; } /** * Responsible for handling all errors and throw especial exceptions * for some HTTP status codes. Otherwise, it will return a map that * ultimately will be converted to a json error. */ @RequestMapping(ERROR_PATH) public ResponseEntity handleErrors(HttpServletRequest request) { HttpStatus status = getStatus(request); if (status.equals(HttpStatus.NOT_FOUND)) throw new NotFoundException(); return ResponseEntity.status(status).body(getErrorAttributes(request, false)); } @Override public String getErrorPath() { return ERROR_PATH; } }
当然,此解决方案仅适用于传统部署 。 如果您打算使用嵌入式Servlet容器,最好定义EmbeddedServletContainerCustomizer 。
你想将这个@Bean添加到你的spring应用程序配置中,如下所示:
@Bean public EmbeddedServletContainerCustomizer containerCustomizer() { return new EmbeddedServletContainerCustomizer() { @Override public void customize(ConfigurableEmbeddedServletContainer container) { ErrorPage error404Page = new ErrorPage(HttpStatus.NOT_FOUND, "/error404.html"); container.addErrorPages(error404Page); } }; }
并将error404.html放在静态文件夹中。
参考: http : //www.sporcic.org/2014/05/custom-error-pages-with-spring-boot/
干得好
@RestController public class RestErrorController implements ErrorController{ private static final String PATH = "/error"; @Autowired private ErrorAttributes errorAttributes; @RequestMapping(value=PATH,method=RequestMethod.GET) public ApiErrorExtended error(HttpServletRequest request, HttpServletResponse response){ return new ApiErrorExtended( response.getStatus(),getErrorAttributes(request, true)); } private Map getErrorAttributes(HttpServletRequest request, boolean includeStackTrace) { RequestAttributes requestAttributes = new ServletRequestAttributes(request); return errorAttributes.getErrorAttributes(requestAttributes, includeStackTrace); } public String getErrorPath() { return PATH; } }
这是我的rest错误控制器。 您可以修改它以返回您想要的任何内容。
嗨,您只需要配置以下内容:
404 /pageNotFound/404.jsp
并配置Javaexception:
java.lang.Exception /pageNotFound/exception.jsp