I expect exceptions thrown inside controller methods to be converted to 500 internal server error, but I'm getting 405 method not allowed exception in client side, no matter what exceptions occurs inside controller method.
There is nothing wrong with request mappings, as it goes to expected method when I debug it. But when an exception is throw from controller methods, I get "405 method not allowed" in my client
I tried catching exceptions and throwing HttpServerErrorException with appropriate error code and message, but nothing changed!
I do use spring security and here is the config:
@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled=true)
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
private UserDetailsService userDetailsService;
/*
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.userDetailsService(userDetailsService);
}
*/
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
auth.userDetailsService(userDetailsService);
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests()
.antMatchers("/").permitAll()
.antMatchers("/session/**").permitAll()
.antMatchers("/app/**").permitAll()
.antMatchers("/lib/**").permitAll()
.antMatchers("/templates/**").permitAll()
.antMatchers("/dial/**").permitAll()
.antMatchers("/names/**").permitAll()
// .antMatchers("/workflows/**").permitAll()
.anyRequest().authenticated()
.and()
.formLogin()
.loginPage("/#/login").permitAll();
http.csrf().disable();
http.exceptionHandling().defaultAuthenticationEntryPointFor(
new UnauthorizedLoginUrlAuthenticationEntryPoint("/login.html"),
new ELRequestMatcher("hasHeader('X-Requested-With','XMLHttpRequest')"));
/* .logout()
.permitAll();*/
}
}
Actually the problem was because of existence of a bean of type EmbeddedServletContainerCustomizer.
I removed it and problem solved.