I am using spring security 3.2.5. When i pass wrong or empty customer request parameter in the request, I get NonceExpiredException and returning me OK response. For other parameters my webservice is fine.
For example
http://localhost:8080/vtap/devices/?customer=&platform=Andriod
In above url customer parameter is empty. I am getting NonceExpiredException and returning empty OK response and request is not hitting webservice method. I am using spring restfull webservice.Instead of OK response I wanted 400 response.
you can always write a Filter for normalizing your URL and response back 400 as you wish to user before Spring Security Filter even get started ~
Related
I have been testing my REST Service with the PostMan tool. It works fine when I am trying to hit the #POST method with content type application/x-www-form-urlencoded and set all the data in body as a x-www-form-urlencoded parameters.
But when I changed my service method so that it can accept form param only and then I tried to hit service through postman on setting all the parameter as from-data in request body. I am getting null value in form param in service.
postman attachment:
Setting form param
Setting Content type
Service Method
I have a spring application, restful/mvc with a basic spring controller. Also, internally jackson is used to map the json data into beans. When the client sends bad data say, an extra field is added in the JSON body there the controller returns with a 400 bad request error to the client. This is for post requests. Is there a way to handle the 400 error and capture the error and log it.
Hii I have implemented spring-security-oauth2 in my application. Everything is working fine. But the request goes for token is GET and the parameters are added as Url param.
I want to make it Post request and pass param in Request body.
Is there anyway?
Disclaimer: I'm new to Java, Spring, and Spring Boot.
I'd like to have Spring Boot return a 404 when trying to POST to a URL that doesn't exist. However, right now it's returning a 405, with an Allow header that only includes GET and HEAD. Is there a way to customize which HTTP methods are allowed so that I get a 404? I've tried implementing a custom ErrorController, but that doesn't seem to work.
To be clear: this is when I'm POSTing to a URL that shouldn't be matched by any of my defined endpoints, e.g http://example.com/some-bogus-thing
If any more information is needed to diagnose this, I'd be happy to provide it. Given my unfamiliarity with the platform, I'm not sure what's relevant.
HTTP 405 (Method not found) is returned, when URL exists and you try to use an HTTP Method that is not allowed on that particular URL mapping.
if you invoke a POST on below .../test then it will return HTTP 405 and vice versa.
#RequestMapping(value = "/test", method = RequestMethod.GET)
if there is no URL mapping for any of the HTTP methods, then it will return HTTP 404.
To know all the current mappings on that particular boot instance, just to go browser
http://localhost:8080/mappings
Check here:
https://github.com/spring-projects/spring-boot/issues/4876
The solution is to have a setup like this:
spring:
mvc:
static-path-pattern: /static/**
In case anyone still encounter this issue:
This is a bug on spring framework 4.2.4, please refer to https://github.com/spring-projects/spring-framework/issues/18516
And as it said, this issue has been fixed since 4.3 RC1.
I want to understand how a RESTful web service identifies if a correct request method is called.
For example,
I have a REST service it exposes one operation which is of type GET.
Assume a REST client has invoked the operation using a wrong request method(PUT).
In this scenario, how the service/framework identifies a correct request method is invoked?
I have gone through various posts to understand the scenario but I don't find any information.
Please let me know your comments.
The first line sent in an HTTP request looks like this:
GET /index.html HTTP/1.1
The HTTP request thus contains the HTTP method (POST, PUT, GET, etc.). The framework reads this method, and invokes the Java method that is mapped (thanks to annotations, or XML configuration, or whatever) to the URL (also contained in the HTTP request, as shown above) and the HTTP method. If none is found, then an error response is sent back (405 Method Not Allowed, if the resource is found, but with another method, or 404 if the resource is not found).
It's the http protocol not REST that checks headers, and reports back with an error code.
REST is sort of a strategy, not an implementation.
Hope this helps.