problem-spring-web icon indicating copy to clipboard operation
problem-spring-web copied to clipboard

Published 20 hours ago verified publisher icon zalando

Handle IllegalArgumentException in SecurityWebFilterChain bean

Open hantsy opened this issue 2 years ago • 0 comments

Description

@Configuration
@Import(SecurityProblemSupport::class)
class SecurityConfig{
    @Autowired
    lateinit var problemSupport: SecurityProblemSupport

    //...
    @Bean
    fun springWebFilterChain(http: ServerHttpSecurity): SecurityWebFilterChain = http {
        //....
        exceptionHandling {
            authenticationEntryPoint = problemSupport
            accessDeniedHandler = problemSupport
        }
        authorizeExchange {
            // ignore all default static resources
            authorize(pathMatchers("/{id}/**"), customCheck())
           //...
        }
   }
   
   fun customCheck():ReactiveAuthenctionManager<AuthenticationContext>{
      // a runtime IllegalArgumentException was thrown here.
   }
}

I have created an exception handler for IllegalArgumentException, it is working well for handling the exceptions from controllers.

Expected Behavior

Handled IllegalArgumentException, return a 400 status.

Actual Behavior

But it throws a 500 internal error instead.

hantsy avatar Oct 12 '23 10:10 hantsy