解决方案就是不使用sendError()并提供状态代码并提供自定义异常序列化:
@Servicepublic class AjaxAuthenticationFailureHandler extends SimpleUrlAuthenticationFailureHandler { @Autowired private ObjectMapper objectMapper; @Override public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response, AuthenticationException exception) throws IOException, ServletException { response.setStatus(HttpServletResponse.SC_UNAUTHORIZED); response.getWriter().write(objectMapper.writevalueAsString(exception)); response.getWriter().flush(); }}
