BearerTokenAccessDeniedHandler (spring-security-oauth2-resource-server 5.4.5 API)

Skip navigation links

Prev Class
Next Class

All Classes

Summary:
Nested |
Field |
Constr |
Method

Detail:
Field |
Constr |
Method

java.lang.Object
- org.springframework.security.oauth2.server.resource.web.access.BearerTokenAccessDeniedHandler

All Implemented Interfaces:

org.springframework.security.web.access.AccessDeniedHandler
```
public final class BearerTokenAccessDeniedHandler
extends java.lang.Object
implements org.springframework.security.web.access.AccessDeniedHandler
```
Translates any AccessDeniedException into an HTTP response in accordance with RFC 6750 Section 3: The WWW-Authenticate.
So long as the class can prove that the request has a valid OAuth 2.0 Authentication, then will return an insufficient scope error; otherwise, it will simply indicate the scheme (Bearer) and any configured realm.

Since:

5.1

Constructor Summary

Constructors
Constructor and Description

BearerTokenAccessDeniedHandler()

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`void`	`handle(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, org.springframework.security.access.AccessDeniedException accessDeniedException)` Collect error details from the provided parameters and format according to RFC 6750, specifically `error`, `error_description`, `error_uri`, and `scope`.
`void`	`setRealmName(java.lang.String realmName)` Set the default realm name to use in the bearer token error response

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Constructor Detail
  - BearerTokenAccessDeniedHandler
```
public BearerTokenAccessDeniedHandler()
```
- Method Detail
  - handle
```
public void handle(javax.servlet.http.HttpServletRequest request,
                   javax.servlet.http.HttpServletResponse response,
                   org.springframework.security.access.AccessDeniedException accessDeniedException)
```
    Collect error details from the provided parameters and format according to RFC 6750, specifically error, error_description, error_uri, and scope.
    
    Specified by:
    
    handle in interface org.springframework.security.web.access.AccessDeniedHandler
    
    Parameters:
    
    request - that resulted in an AccessDeniedException
    
    response - so that the user agent can be advised of the failure
    
    accessDeniedException - that caused the invocation
  - setRealmName
```
public void setRealmName(java.lang.String realmName)
```
    Set the default realm name to use in the bearer token error response
    
    Parameters:
    
    realmName -

Skip navigation links

Prev Class
Next Class

All Classes

Summary:
Nested |
Field |
Constr |
Method

Detail:
Field |
Constr |
Method