How to check for presence of specific header in every request with spring boot and if it is not – return 401? You can achieve this by implementing a custom HandlerInterceptor
in Spring Boot. Here’s an example:
import org.springframework.stereotype.Component;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
//import javax.servlet.http.HttpServletRequest;
//import javax.servlet.http.HttpServletResponse;
import java.util.Arrays;
@Component
public class HeaderInterceptor implements HandlerInterceptor {
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response) {
String[] requiredHeaders = {"Authorization"}; // Add your header name here
for (String header : requiredHeaders) {
if (request.getHeader(header) != null && !request.getHeader(header).isEmpty()) {
return true;
}
}
response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
return false;
}
@Override
public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) {
// You can add your logic here if needed
}
}
Then, you need to configure Spring Boot to use this interceptor. You can do it by adding the following configuration in your application properties file:
spring.mvc.interceptor-only-mapped-requests=false
Or, you can configure it in your configuration class:
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
@Configuration
public class WebConfig implements WebMvcConfigurer {
@Override
public void addInterceptors(InterceptorRegistry registry) {
registry.addInterceptor(new HeaderInterceptor()).addPathPatterns("/**");//This will filter all
//registry.addInterceptor(new HeaderInterceptor()).addPathPatterns("/endpoint1", "/endpoint2", "/endpoint3");//This will filter only listed
}
}
This configuration will apply the interceptor to the requests configured. I’ve build several micro Spring Boot apps. They are currently intertwined/dependent together.