A custom AuthenticationEntryPoint
can be used to set necessary response headers, content-type, and so on before sending the response back to the client.
The org.springframework.security.web.authentication.www.BasicAuthenticationEntryPoint
class is a built-in AuthenticationEntryPoint
implementation, which will get invoked for basic authentication to commence. A custom entry point can be created by implementing the org.springframework.security.web.AuthenticationEntryPoint
interface. The following is an example implementation:
@Component public final class CustomAuthenticationEntryPoint implements AuthenticationEntryPoint { @Override public void commence(final HttpServletRequest request, final HttpServletResponse response, final AuthenticationException authException) throws IOException { response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Unauthorized"); } }
When a client accesses resources without authentication...