package com.example.jz.auth; import cn.hutool.json.JSONUtil; import com.example.jz.modle.R; import org.springframework.context.annotation.Bean; import org.springframework.security.access.AccessDeniedException; import org.springframework.security.web.access.AccessDeniedHandler; import org.springframework.security.web.firewall.HttpFirewall; import org.springframework.security.web.firewall.StrictHttpFirewall; import org.springframework.stereotype.Component; import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.io.IOException; import java.io.PrintWriter; import java.util.regex.Pattern; import static java.nio.charset.StandardCharsets.ISO_8859_1; import static java.nio.charset.StandardCharsets.UTF_8; /** * @author 安瑾然 * @data 2022/7/18 - 10:35 AM * @description 无权访问配置 */ @Component public class MyAccessDeniedHandler implements AccessDeniedHandler { @Bean public HttpFirewall httpFirewall() { StrictHttpFirewall firewall = new StrictHttpFirewall(); Pattern allowed = Pattern.compile("[\\p{IsAssigned}&&[^\\p{IsControl}]]*"); firewall.setAllowedHeaderValues((header) -> { String parsed = new String(header.getBytes(ISO_8859_1), UTF_8); return allowed.matcher(parsed).matches(); }); return firewall; } @Override public void handle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AccessDeniedException e) throws IOException, ServletException { R r = new R<>(); r.setCode(403); r.setMsg("无权访问"); r.setData(null); // 设置返回消息类型 httpServletResponse.setHeader("Content-type", "text/html;charset=UTF-8"); httpServletResponse.setCharacterEncoding("utf-8"); httpServletResponse.setContentType("application/json;charset=UTF-8"); // 返回给请求端 PrintWriter writer = httpServletResponse.getWriter(); writer.write(JSONUtil.toJsonStr(r)); writer.flush(); writer.close(); } }