I am trying to implement WebFilter in order to check the JWT Header in my Spring WebFlux Application. I managed to find a way to return Publisher instead of Mono.empty(), but the response is not in json format.

Here is example of my WebFilter filter() method:

public Mono<Void> filter(ServerWebExchange exchange, WebFilterChain chain) {
    ServerHttpRequest request = exchange.getRequest();
    ServerHttpResponse response = exchange.getResponse();

    String path = request.getPath().pathWithinApplication().value();

    // only apply filter for JWT on apiPath
    if(!path.contains(apiPath) || 
            (path.contains(apiPath) && request.getMethod().equals(HttpMethod.OPTIONS))) {
        return chain.filter(exchange);
    }

    logger.debug("JWT authentication initiated");

    Auth authentication = tokenAuthenticationService.getAuthentication((ServerHttpRequest) request);
    if (authentication == null) {
        ApiError error = new ApiError();
        error.setMessage("foo msg");
        response.setStatusCode(HttpStatus.UNAUTHORIZED);

        return response
        .writeWith(Mono.just(new DefaultDataBufferFactory().wrap(SerializationUtils.serialize(error))));
    }
    // extract token data and put in attributes,
    // throw unauthorized if token is not properly signed
    exchange.getAttributes().put("auth", authentication);

    logger.debug("JWT authentication passed");

    return chain.filter(exchange);
}

And this is how my ApiError class looks like:

@JsonIgnoreProperties(ignoreUnknown = true)
public class ApiError implements Serializable {
/**
 * 
 */
private static final long serialVersionUID = 1L;

private HttpStatus httpStatus;

private String message;

private String debugMessage;

private List<?> subErrors;


private long timestamp;

public ApiError() {
    setTimestamp(new Date());
}

public ApiError(HttpStatus status) {
    this();

    this.httpStatus = status;
}

public ApiError(HttpStatus status, Throwable ex) {
    this(status);

    this.message = "Unexpected error";
    this.debugMessage = ex.getLocalizedMessage();
}

public ApiError(HttpStatus status, String message, Throwable ex) {
    this(status, ex);

    this.message = message;     
}

public ApiError(HttpStatus status, String message, Throwable ex, List<?> subErrors) {
    this(status, message, ex);

    this.subErrors = subErrors;
}

@JsonIgnore
public HttpStatus getHttpStatus() {
    return this.httpStatus;
}

public void setHttpStatus(HttpStatus httpStatus) {
    this.httpStatus = httpStatus;
}

@JsonProperty("status")
public Integer getStatus() {
    return this.httpStatus.value();
}

@JsonProperty("error")
public String getError() {
    return this.httpStatus.getReasonPhrase();
}

@JsonProperty("timestamp")
public long getTimestamp() {
    return timestamp;
}

public void setTimestamp(Date time) {
    this.timestamp = time.getTime();
}

@JsonProperty("message")
public String getMessage() {
    return message;
}

public void setMessage(String message) {
    this.message = message;
}

@JsonProperty("debugMessage")
public String getDebugMessage() {
    return debugMessage;
}

public void setDebugMessage(String debugMessage) {
    this.debugMessage = debugMessage;
}

@SuppressWarnings("unchecked")
@JsonInclude(JsonInclude.Include.NON_NULL)
@JsonProperty("subErrors")
public List<Object> getSubErrors() {
    return (List<Object>) subErrors;
}

public void setSubErrors(List<?> subErrors) {
    this.subErrors = subErrors;
    }
}

And the response I get when authentication is null:

��sr0com.foo.exceptions.model.ApiErrorJ timestampLdebugMessagetLjava/lang/String;L httpStatust%Lorg/springframework/http/HttpStatus;Lmessageq~L subErrorstLjava/util/List;xpbCeY�pptfoo msgp

I tried adding Content-type: application/json header to the exchange.getResponse() but it didn't do the trick. Could I get help?