Class BearerTokenAccessDeniedHandler

  • All Implemented Interfaces:
    org.springframework.security.web.access.AccessDeniedHandler

    public final class BearerTokenAccessDeniedHandler
    extends java.lang.Object
    implements org.springframework.security.web.access.AccessDeniedHandler
    Translates any AccessDeniedException into an HTTP response in accordance with RFC 6750 Section 3: The WWW-Authenticate Response Header Field.

    So long as the class can prove that the request has a valid OAuth 2.0 Authentication, it will return an insufficient scope error; otherwise, it will simply indicate the scheme (Bearer) and any configured realm.

    Since:
    5.1
    • Method Summary

      Modifier and Type Method Description
      void handle(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, org.springframework.security.access.AccessDeniedException accessDeniedException)
      Collect error details from the provided parameters and format according to RFC 6750, specifically error, error_description, error_uri, and scope.
      void setRealmName(java.lang.String realmName)
      Set the default realm name to use in the bearer token error response.
      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
    • Constructor Detail

      • BearerTokenAccessDeniedHandler

        public BearerTokenAccessDeniedHandler()
    • Method Detail

      • handle

        public void handle(javax.servlet.http.HttpServletRequest request,
                           javax.servlet.http.HttpServletResponse response,
                           org.springframework.security.access.AccessDeniedException accessDeniedException)
        Collect error details from the provided parameters and format according to RFC 6750, specifically error, error_description, error_uri, and scope.
        Specified by:
        handle in interface org.springframework.security.web.access.AccessDeniedHandler
        Parameters:
        request - that resulted in an AccessDeniedException
        response - so that the user agent can be advised of the failure
        accessDeniedException - that caused the invocation
      • setRealmName

        public void setRealmName(java.lang.String realmName)
        Set the default realm name to use in the bearer token error response.
        Parameters:
        realmName -
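
The two outcomes described in the class summary, shown side by side in an added example (not part of the Spring Security documentation): the same handler is invoked once for a request carrying an OAuth 2.0 token authentication and once for a non-OAuth authentication, and the resulting status and WWW-Authenticate header are printed for comparison. Assumptions: Spring Security 5.2 or a later 5.x release with spring-test, spring-security-oauth2-resource-server and spring-security-oauth2-jose on the classpath, and that the handler reads the authentication from request.getUserPrincipal(); the class name BearerDeniedDemo, the realm, the path, the token and the user name are constructed.

```java
import java.security.Principal;

import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.authentication.TestingAuthenticationToken;
import org.springframework.security.oauth2.jwt.Jwt;
import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken;
import org.springframework.security.oauth2.server.resource.web.access.BearerTokenAccessDeniedHandler;

public class BearerDeniedDemo {

    // Invokes the handler for one denied request and returns the status
    // line and WWW-Authenticate header it wrote, for side-by-side comparison.
    static String deny(BearerTokenAccessDeniedHandler handler, Principal principal) throws Exception {
        MockHttpServletRequest request = new MockHttpServletRequest("GET", "/messages");
        request.setUserPrincipal(principal); // assumption: this is where the handler looks
        MockHttpServletResponse response = new MockHttpServletResponse();
        handler.handle(request, response, new AccessDeniedException("constructed denial"));
        return response.getStatus() + " WWW-Authenticate: " + response.getHeader("WWW-Authenticate");
    }

    public static void main(String[] args) throws Exception {
        BearerTokenAccessDeniedHandler handler = new BearerTokenAccessDeniedHandler();
        handler.setRealmName("example-realm"); // constructed realm name

        // Constructed JWT standing in for a validated bearer token whose
        // scopes do not cover the requested resource.
        Jwt jwt = Jwt.withTokenValue("constructed-token")
                .header("alg", "none")
                .claim("scope", "message:read")
                .build();

        // Case 1: OAuth 2.0 token authentication; the summary says this
        // yields an insufficient scope error in the header.
        System.out.println(deny(handler, new JwtAuthenticationToken(jwt)));

        // Case 2: any other authentication; the summary says only the
        // Bearer scheme and the configured realm are indicated.
        System.out.println(deny(handler, new TestingAuthenticationToken("alice", "n/a")));
    }
}
```

Clients and API gateways that parse this header to decide between re-authenticating and requesting a broader scope should be tested against both shapes.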