Menu
I have handled unauthorized exception like this
@ResponseStatus(value= HttpStatus.UNAUTHORIZED)
public class UnauthorizedException extends RuntimeException {
public UnauthorizedException(String message) {
super(message);
}
}
but when I throw the error as follows
throw new UnauthorizedException("Invalid credentials");
I get the error message empty in the response as follows
{
"timestamp": "2020-05-27T13:44:58.032+00:00",
"status": 401,
"error": "Unauthorized",
"message": "",
"path": "/auth/register"
}
I tried using,
throw new ResponseStatusException(HttpStatus.UNAUTHORIZED, "Invalid credentials");
but the result is still the same. When I added spring-boot-devtools dependency, I get the message as expected with the stack trace as well. How can I fix this?
Spring version : 2.3.0 Java Version: 11.0
296
The most basic way of returning an error message from a REST API is to use the @ResponseStatus annotation. We can add the error message in the annotation's reason field. Although we can only return a generic error message, we can specify exception-specific error messages.
Method Summary Handle the case where an async request timed out. Handle the case where an @ModelAttribute method argument has binding or validation errors and is not followed by another method argument of type BindingResult . Handle the case when a WebDataBinder conversion cannot occur.
Exception Handler The @ExceptionHandler is an annotation used to handle the specific exceptions and sending the custom responses to the client. Define a class that extends the RuntimeException class. You can define the @ExceptionHandler method to handle the exceptions as shown.
Altogether, the most common way is to use @ExceptionHandler on methods of @ControllerAdvice classes so that the exception handling will be applied globally or to a subset of controllers. ControllerAdvice is an annotation introduced in Spring 3.2, and as the name suggests, is “Advice” for multiple controllers.
Let’s start by fixing the error message issue. Spring Boot provides some properties with which we can add the exception message, exception class, or even a stack trace as part of the response payload: Using these Spring Boot server properties in our application.yml we can alter the error response to some extent.
"defaultMessage": "The author email '[email protected]' must be between 5 and 14 characters long" Notice that for accessing external variables, we use $ {} syntax, but for accessing other properties from the validation annotation, we use {}. Spring will convert the ternary operator to a single value in the error message:
It provides exception handlers for internal Spring exceptions. If we don’t extend it, then all the exceptions will be redirected to DefaultHandlerExceptionResolver which returns a ModelAndView object. Since we are on the mission to shape our own error response, we don’t want that.
We will use the semantics of each exception to build out meaningful error messages for the client, with the clear goal of giving that client all the info to easily diagnose the problem. Learn how to apply status codes to HTTP responses in Spring with ResponseStatusException.
Ok got it, they have changed the default value for server.error.include-message to "never" (see the comment section here: Spring 2.3.0 Release Info
All the default values are listed here: Spring Boot Reference Documentation
Just configure your application.yaml (or properties) like this.
server:
error:
include-message: always
include-binding-errors: always
Mind that showing error messages may leak information about your server implementation.
76
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
