I use Spring Boot 3 and Spring Cloud 2023. I have a microservice architecture in which each microservice has a different frontend and backend, and I use an API Gateway to handle all APIs centrally. I have a centralized login page. My APIs are called from ReactJS in the front layer. ReactJS calls my APIs through the API Gateway. I want to handle the 401 error in my API Gateway, not in all the frontend projects. I want to redirect the whole React page to the login page when there is no Authorization header or it is invalid. But when that condition is true and I redirect to the login page, the address of the React page doesn't change, and only in the browser's Network tab can I see that the API returns 302 and the login page returns 200, as you can see in the image below the post. My question is: is this possible, or is my expectation wrong?
Any help is appreciated 🙂
I implemented my requirement this way:
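    import org.springframework.context.annotation.Bean;
    import org.springframework.context.annotation.Configuration;
    import org.springframework.security.config.annotation.method.configuration.EnableReactiveMethodSecurity;
    import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity;
    import org.springframework.security.config.web.server.SecurityWebFiltersOrder;
    import org.springframework.security.config.web.server.ServerHttpSecurity;
    import org.springframework.security.web.server.SecurityWebFilterChain;
    import static org.springframework.security.config.Customizer.withDefaults;

    @Configuration
    @EnableWebFluxSecurity
    @EnableReactiveMethodSecurity
    public class OAuth2WebSecurity {

        // jwtTokenRepository, corsConfigurationSource() and the Custom* handlers are not shown in the post.
        @Bean
        public SecurityWebFilterChain securityWebFilterChain(ServerHttpSecurity http) {
            return http
                    .cors(cors -> cors.configurationSource(corsConfigurationSource()))
                    // Custom JWT filter runs before the standard authentication filter
                    .addFilterBefore(new JWTExchangeFilter(jwtTokenRepository), SecurityWebFiltersOrder.AUTHENTICATION)
                    .exceptionHandling(exception -> exception
                            .accessDeniedHandler(new CustomAccessDeniedHandler())
                            .authenticationEntryPoint(new CustomAuthenticationEntryPoint()))
                    .oauth2Login(withDefaults())
                    .oauth2ResourceServer(oauth2 -> oauth2
                            .jwt(withDefaults())
                    )
                    .csrf(ServerHttpSecurity.CsrfSpec::disable)
                    .build();
        }
    }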
In JWTExchangeFilter I tried different solutions, but none of them worked:
1:
    // Rewrite the request URI to the login page and continue the filter chain
    ServerHttpRequest request = exchange.getRequest()
            .mutate()
            .uri(URI.create("http://127.0.0.1:8089/login.html"))
            .build();
    ServerWebExchange modifiedEx = exchange.mutate()
            .request(request)
            .build();
    modifiedEx.getAttributes().put(ServerWebExchangeUtils.GATEWAY_REQUEST_URL_ATTR, URI.create("http://127.0.0.1:8089/login.html"));
    return chain.filter(modifiedEx);
2:
    // Rewrite the request URI to the login page, then complete the response without calling the chain
    ServerHttpRequest request = exchange.getRequest()
            .mutate()
            .uri(URI.create("http://127.0.0.1:8089/login.html"))
            .build();
    ServerWebExchange modifiedEx = exchange.mutate()
            .request(request)
            .build();
    modifiedEx.getAttributes().put(ServerWebExchangeUtils.GATEWAY_REQUEST_URL_ATTR, URI.create("http://127.0.0.1:8089/login.html"));
    return modifiedEx.getResponse().setComplete();
3:
    // Answer with a redirect status and a Location header pointing at the login page
    exchange.getResponse().getHeaders().setLocation(URI.create("http://127.0.0.1:8089/login.html"));
    exchange.getResponse().setStatusCode(HttpStatus.FOUND);
    return exchange.getResponse().setComplete();
I also tried different HttpStatus values like HttpStatus.PERMANENT_REDIRECT, HttpStatus.SEE_OTHER, … but nothing happened.
🙁
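
Added example, not part of the original post: a browser follows a 3xx returned to fetch/XMLHttpRequest inside that request and never navigates the page, which matches the 302-then-200 pair seen in the Network tab. The sketch below is a WebFlux entry point that redirects only top-level navigations and answers script-initiated calls with 401 plus the login URL. The class name `LoginAwareEntryPoint` and the `X-Login-Url` header are assumptions made for illustration; the login URL is the one from the post.

```java
import java.net.URI;
import java.util.Locale;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpStatus;
import org.springframework.http.server.reactive.ServerHttpRequest;
import org.springframework.http.server.reactive.ServerHttpResponse;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.server.ServerAuthenticationEntryPoint;
import org.springframework.web.server.ServerWebExchange;
import reactor.core.publisher.Mono;

// Hypothetical class for illustration; not the CustomAuthenticationEntryPoint from the post.
public class LoginAwareEntryPoint implements ServerAuthenticationEntryPoint {

    // Fixed server-side value (URL taken from the post). It is never built from
    // request input, so the entry point cannot be abused as an open redirect.
    private static final URI LOGIN_PAGE = URI.create("http://127.0.0.1:8089/login.html");

    // Assumed header name. Cross-origin JavaScript can read it only if the gateway's
    // CORS configuration lists it among the exposed headers.
    static final String LOGIN_HEADER = "X-Login-Url";

    @Override
    public Mono<Void> commence(ServerWebExchange exchange, AuthenticationException ex) {
        ServerHttpResponse response = exchange.getResponse();
        if (isTopLevelNavigation(exchange.getRequest())) {
            // The browser is loading a document, so it follows the redirect visibly.
            response.setStatusCode(HttpStatus.FOUND);
            response.getHeaders().setLocation(LOGIN_PAGE);
        } else {
            // fetch/XMLHttpRequest: a 3xx would be followed inside the request and the
            // address bar would not change, so report 401 and say where to log in.
            response.setStatusCode(HttpStatus.UNAUTHORIZED);
            response.getHeaders().set(LOGIN_HEADER, LOGIN_PAGE.toString());
        }
        return response.setComplete();
    }

    static boolean isTopLevelNavigation(ServerHttpRequest request) {
        HttpHeaders headers = request.getHeaders();
        // Fetch Metadata header sent by current browsers: "navigate" for page loads.
        String mode = headers.getFirst("Sec-Fetch-Mode");
        if (mode != null) {
            return "navigate".equalsIgnoreCase(mode);
        }
        // Fallback for clients without Fetch Metadata: documents are requested as text/html.
        String accept = headers.getFirst(HttpHeaders.ACCEPT);
        return accept != null && accept.toLowerCase(Locale.ROOT).contains("text/html");
    }
}
```

The script that issued the request still has to act on the 401, for example by assigning the header value to `window.location`, because a response to a script-initiated request cannot navigate the page on its own.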