we are using OAuth2-JWT-Token authorization with user_credentials grant type. When we put in the correct credentials everything works fine, but when we try wrong credentials a digest authentication window form the browser appears, because the response on wrong credentials is 401 and not 403. So I'm trying to add a filter before the response to change the 401 status code to 403. But I'm not sure where to put the filter:
http.addFilterAfter(new OncePerRequestFilter() {
@Override
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain)
throws ServletException, IOException {
System.out.println("Filter auth " + request.getRequestURL() + " : " + response.getStatus());
filterChain.doFilter(request, response);
}
}, FilterSecurityInterceptor.class);
This test code does nothing. I don't know why. Is there a filter class for where I can set my filter after it to filter each response? Or have you a better idea to change the wrong response-status-code of spring oauth2?
Aucun commentaire:
Enregistrer un commentaire