[자바 시큐리티] java.lang.IllegalStateException: Cannot call sendRedirect() after the response has been committed 오류 해결방법

자바 시큐리티를 사용하여 로그인 성공시 리다이렉트 할 때 오류가 발생되었다.

HTTP Status 500 - Cannot call sendRedirect() after the response has been committed
type Exception report

message Cannot call sendRedirect() after the response has been committed

description The server encountered an internal error that prevented it from fulfilling this request.

exception

java.lang.IllegalStateException: Cannot call sendRedirect() after the response has been committed
	org.apache.catalina.connector.ResponseFacade.sendRedirect(ResponseFacade.java:482)
	javax.servlet.http.HttpServletResponseWrapper.sendRedirect(HttpServletResponseWrapper.java:137)
	org.springframework.security.web.firewall.FirewalledResponse.sendRedirect(FirewalledResponse.java:25)
	javax.servlet.http.HttpServletResponseWrapper.sendRedirect(HttpServletResponseWrapper.java:137)
	org.springframework.security.web.context.SaveContextOnUpdateOrErrorResponseWrapper.sendRedirect(SaveContextOnUpdateOrErrorResponseWrapper.java:107)
	ubsales.core.handler.AuthenticationSuccessHandler.onAuthenticationSuccess(AuthenticationSuccessHandler.java:68)
	org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.successfulAuthentication(AbstractAuthenticationProcessingFilter.java:331)
	org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.successfulAuthentication(AbstractAuthenticationProcessingFilter.java:298)
	org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:235)
	org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
	org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter.doFilter(AbstractPreAuthenticatedProcessingFilter.java:94)
	org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
	org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:50)
	org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:106)
	org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
	org.springframework.security.web.session.ConcurrentSessionFilter.doFilter(ConcurrentSessionFilter.java:125)
	org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
	org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:87)
	org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
	org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:192)
	org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:160)
	org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:343)
	org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:260)
	org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:88)
	org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:106)
note The full stack trace of the root cause is available in the Apache Tomcat/7.0.82 logs.

Apache Tomcat/7.0.82

[오류가 발생한 코드]

로그인 성공시 org.springframework.security.web.authentication.AuthenticationSuccessHandler 클래스를 상속 받아 구현한 코드 내에 다음과 같은 sendRedirect 분기 코드를 추가하였는데 오류가 발생했다.

if(isFirstLogin)) {
	response.sendRedirect("/passwordChange");
}

response.sendRedirect("/");

디버깅 결과 오류가 발생 이유는 response.sendRedirect(“/passwordChange”); 호출 되었음에도 불구하고 바로 이동처리되지않았고, response.sendRedirct(“/”) 코드가 실행되면서 발생되었다.

[오류 해결 코드]

if(isFirstLogin)) {
	response.sendRedirect("/passwordChange");
}else {
	response.sendRedirect("/");	
}