如何在shiro發生UnauthorizedException與UnauthenticatedException等異常時返回json而不是跳轉到錯誤頁面

        當客戶端的用戶要請求一個需要該用戶所不具有的role的接口時，往往會拋出未授權異常UnauthorizedException。

默認處理改異常的方式是在springmvc.xml中配置

org.springframework.web.servlet.handler.SimpleMappingExceptionResolver

如下：

<bean class="org.springframework.web.servlet.handler.SimpleMappingExceptionResolver">
        <property name="exceptionMappings">
            <props>
                <!-- 錯誤異常轉發jsp頁面 -->
                <prop key="org.apache.shiro.authz.UnauthorizedException">/unauthorized.jsp</prop>
                <prop key="org.apache.shiro.authz.UnauthenticatedException">/unauthenticated.jsp</prop>
            </props>
        </property>
    </bean>

如果遇到這種情況不需要跳轉別的頁面而只需要返回一個結果給客戶端，則需要自定義此處的

SimpleMappingExceptionResolver

主要是覆蓋

doResolveException

@Override
    protected ModelAndView doResolveException(HttpServletRequest request, HttpServletResponse response,
                                              Object handler, Exception ex) {
        try {
            // Expose ModelAndView for chosen error view.
            BaseResult result = new BaseResult();
            if (ex instanceof UnauthorizedException) {
                result.setMsg(RespMSG.MSG_UNAUTHORIZED );
                result.setStatus(RespMSG.STATUS_UNAUTHORIZED);
            } else if (ex instanceof UnauthenticatedException) {
                result.setMsg(RespMSG.MSG_UNAUTHENTICATED );
                result.setStatus(RespMSG.STATUS_UNAUTHENTICATED);
            } else {
                result.setMsg(RespMSG.MSG_FAILLED );
                result.setStatus(RespMSG.STATUS_FAILLED);
            }
            response.setHeader("Content-type", "text/html;charset=UTF-8");
            PrintWriter writer = response.getWriter();
            writer.write(new Gson().toJson(result));
            writer.flush();
        } catch (IOException e) {
            e.printStackTrace();
        }
        return null;
    }