From 5dce945e29138444c33906c93ee49acb031e0fdb Mon Sep 17 00:00:00 2001 From: Andy Wilkinson Date: Mon, 8 Jun 2020 17:06:42 +0100 Subject: [PATCH] Document dispatcher-types configuration for secured error pages Closes gh-19293 --- .../src/main/asciidoc/spring-boot-features.adoc | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/spring-boot-project/spring-boot-docs/src/main/asciidoc/spring-boot-features.adoc b/spring-boot-project/spring-boot-docs/src/main/asciidoc/spring-boot-features.adoc index 9b90d7f2aa..64d06669ad 100644 --- a/spring-boot-project/spring-boot-docs/src/main/asciidoc/spring-boot-features.adoc +++ b/spring-boot-project/spring-boot-docs/src/main/asciidoc/spring-boot-features.adoc @@ -2306,12 +2306,20 @@ Note that the default `FilterRegistrationBean` does not include the `ERROR` disp -[[boot-features-error-handling-websphere]] -CAUTION:When deployed to a servlet container, Spring Boot uses its error page filter to forward a request with an error status to the appropriate error page. -The request can only be forwarded to the correct error page if the response has not already been committed. +[[boot-features-error-handling-war-deployment]] +===== Error handling in a war deployment +When deployed to a servlet container, Spring Boot uses its error page filter to forward a request with an error status to the appropriate error page. +This is necessary as the Servlet specification does not provide an API for registering error pages. +Depending on the container that you are deploying your war file to and the technologies that your application uses, some additional configuration may be required. + +The error page filter can only forward the request to the correct error page if the response has not already been committed. By default, WebSphere Application Server 8.0 and later commits the response upon successful completion of a servlet's service method. You should disable this behavior by setting `com.ibm.ws.webcontainer.invokeFlushAfterService` to `false`. +If you are using Spring Security and want to access the principal in an error page, you must configure Spring Security's filter to be invoked on error dispatches. +To do so, set the `spring.security.filter.dispatcher-types` property to `async, error, forward, request`. + + [[boot-features-spring-hateoas]]