For a simple Spring Boot app with Spring Security, I want to trigger a RequestRejectedException and see it in my console output. I think I'm able to trigger a runtime expection of this type, but no ERROR logging appears in my console.
What I've done...
I've created a simple Spring Boot app (via start.spring.io) with Spring Web and Spring Security dependencies.
I've added a simple controller:
@RestController
@RequestMapping("/api/test/")
public class MyController {
@GetMapping("/get")
public String getString() {
return "hello";
}
}
Within Spring Tool Suite it runs on port 8080.
Console output shows it starts up correctly.
Spring Security generates the local development security password.
I can login using the generated password and 'User' and hit this URL
http://localhost:8080/api/test/get which returns the hello String.
I then create a RequestRejectedException (runtime exception) by adding a semi-colon to the end of the URL. The browser returns this type of ERROR:
There was an unexpected error (type=Bad Request, status=400).
I don't see anything in my CONSOLE output (or logs if I configure logback to print to file). I was expecting to see something like this:
org.springframework.security.web.firewall.RequestRejectedException: The request was rejected because the URL contained a potentially malicious String ....
Does anyone know why I can't see the RequestRejectedException in my CONSOLE/logs?
Thanks.