//从header中得到token
String authHeader = request.getHeader(JwtConstants.AUTHORIZATION);
if (authHeader == null) {
throw new ServletException("Missing or invalid X-AUTH-TOKEN header.");
}
// 验证token
Claims claims = null;
try {
claims = Jwts.parser().setSigningKey(JwtConstants.JWT_SECRET).parseClaimsJws(authHeader).getBody();
} catch (final MalformedJwtException e){
throw new ServletException("token 长度或者格式错误.");
} catch (final SignatureException e) {
throw new ServletException("Invalid token.");
}
Java: Meaning of catch (final SomeException e)?