diff --git a/src/main/java/dev/surl/surl/handler/DefaultExceptionHandler.kt b/src/main/java/dev/surl/surl/handler/DefaultExceptionHandler.kt
index ddca2c9..b0398fd 100644
--- a/src/main/java/dev/surl/surl/handler/DefaultExceptionHandler.kt
+++ b/src/main/java/dev/surl/surl/handler/DefaultExceptionHandler.kt
@@ -9,6 +9,7 @@ import org.springframework.http.HttpStatus
 import org.springframework.http.HttpStatusCode
 import org.springframework.http.ResponseEntity
 import org.springframework.http.converter.HttpMessageNotReadableException
+import org.springframework.security.core.userdetails.UsernameNotFoundException
 import org.springframework.validation.method.MethodValidationException
 import org.springframework.web.bind.MethodArgumentNotValidException
 import org.springframework.web.bind.annotation.ControllerAdvice
@@ -98,7 +99,7 @@ class DefaultExceptionHandler : ResponseEntityExceptionHandler() {
         return ResponseEntity(Msg(code = -1, msg = ex.message ?: "unknown validation error"), HttpStatus.BAD_REQUEST)
     }
 
-    @ExceptionHandler(value = [UnauthorizedException::class])
+    @ExceptionHandler(value = [UnauthorizedException::class, UsernameNotFoundException::class])
     fun handleUnauthorizedException(ex: Exception): ResponseEntity<Msg<String>> {
         return ResponseEntity(Msg(code = -1, msg = ex.message ?: "unauthorized"), HttpStatus.UNAUTHORIZED)
     }