2

I have set up spring security to authenticate and authorize requests coming into my application. I have set up the configuration as so:

 public class OAuth2ServerConfiguration extends ResourceServerConfigurerAdapter {

        @Override
        public void configure(ResourceServerSecurityConfigurer resources) {

            // ...set up token store here

            resources.authenticationEntryPoint(new AuthenticationEntryPoint() {
                @Override
                public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authException) throws IOException, ServletException {

                 //QUESTION
                 // How do I get the destination controller that this request was going to go to?
                 // Really, I'd like to get some information about the annotations that were on the destination controller.

                    response.setStatus(401);
                }
            });
        }

I'd like to grab some information about the destination controller that this request was going to go to. The controller isn't actually going to get hit in this scenario because spring security kicked in and threw out the response before it reached the controller.

Any tips? Thanks!

Jeff
  • 1,800
  • 8
  • 30
  • 54

2 Answers2

5

Assuming that OAuth2ServerConfiguration is a Spring managed bean, this should work for you.

...

@Autowired
private List<HandlerMapping> handlerMappings;

for (HandlerMapping handlerMapping : handlerMappings) {
  HandlerExecutionChain handlerExecutionChain = handlerMapping.getHandler(request);
  if (handlerExecutionChain != null) {
     // handlerExecutionChain.getHandler() is your handler for this request
  }
}

If unable to Autowire a List of HandlerMapping, Autowire ApplicationContext and adjust as follows.

for (HandlerMapping handlerMapping : applicationContext.getBeansOfType(HandlerMapping.class).values()) {
  HandlerExecutionChain handlerExecutionChain = handlerMapping.getHandler(request);
  if (handlerExecutionChain != null) {
     // handlerExecutionChain.getHandler() is your handler for this request
  }
}
lane.maxwell
  • 5,002
  • 1
  • 20
  • 30
1

You could try this:

@Configuration
public class WebMvcConfiguration extends WebMvcConfigurerAdapter {

    @Override
    public void addInterceptors(InterceptorRegistry registry) {
        registry.addInterceptor(new HandlerInterceptor() {
            @Override
            public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
                return true;
            }

            @Override
            public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {

            }

            @Override
            public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {
                // handler is the controller
                MyAnnotation annotation = ((HandlerMethod) handler).getMethod().getAnnotation(MyAnnotation.class)
                // do stuff with the annotation
            }
        });
    }
}
Derek Fredrickson
  • 732
  • 4
  • 15