Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ResponseStatusException no longer returning response body in 2.6.7 using Spring Security #31091

Closed
grojas123 opened this issue May 18, 2022 · 4 comments
Closed

ResponseStatusException no longer returning response body in 2.6.7 using Spring Security #31091

grojas123 opened this issue May 18, 2022 · 4 comments
Labels
status: invalid An issue that we don't feel is valid

Comments

@grojas123
Copy link

I am seeing this behavior again #28953 . In version 2.6.7
@spring-projects-issues spring-projects-issues added the status: waiting-for-triage An issue we've not yet triaged label May 18, 2022
@bclozel
Copy link
Member

bclozel commented May 18, 2022

As requested by Phil in the linked issue, please provide a sample application we can run and debug (attached as a zip, or a link to a GitHub project). Without it, there is no way for us to make progress here.

@bclozel bclozel added the status: waiting-for-feedback We need additional information before we can continue label May 18, 2022
@grojas123
Copy link
Author

Here the code . https://github.com/grojas123/ResponseStatusException31091 .
Simply test
curl http://localhost:8080/hello with version 2.6.7 no response at all
curl http://localhost:8080/hello with version 2.5.6
{"timestamp":"2022-05-18T15:01:17.531+00:00","status":401,"error":"Unauthorized","path":"/hello"}

@spring-projects-issues spring-projects-issues added status: feedback-provided Feedback has been provided and removed status: waiting-for-feedback We need additional information before we can continue labels May 18, 2022
@mbhave
Copy link
Contributor

mbhave commented May 18, 2022
edited

@grojas123 That is the expected behavior that is a result of the bug fix in #26356. The /error page requires authenticated access by default and in this case you aren't passing any credentials.

#28953 was a different issue because it wasn't returning the response body even for authorized users.

If you'd like to allow unauthenticated access to the error page, you can do so by explicitly adding permitAll() for /errorin aSecurityFilterChain` bean.

@mbhave mbhave closed this as completed May 18, 2022
@mbhave mbhave added status: invalid An issue that we don't feel is valid and removed status: waiting-for-triage An issue we've not yet triaged status: feedback-provided Feedback has been provided labels May 18, 2022
@grojas123
Copy link
Author

@mbhave Thank you .

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
status: invalid An issue that we don't feel is valid
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@bclozel @mbhave @grojas123 @spring-projects-issues