Class BearerTokenServerAccessDeniedHandler
- java.lang.Object
-
- org.springframework.security.oauth2.server.resource.web.access.server.BearerTokenServerAccessDeniedHandler
-
- All Implemented Interfaces:
org.springframework.security.web.server.authorization.ServerAccessDeniedHandler
public class BearerTokenServerAccessDeniedHandler extends java.lang.Object implements org.springframework.security.web.server.authorization.ServerAccessDeniedHandlerTranslates anyAccessDeniedExceptioninto an HTTP response in accordance with RFC 6750 Section 3: The WWW-Authenticate. So long as the class can prove that the request has a valid OAuth 2.0Authentication, then will return an insufficient scope error; otherwise, it will simply indicate the scheme (Bearer) and any configured realm.- Since:
- 5.1
-
-
Constructor Summary
Constructors Constructor Description BearerTokenServerAccessDeniedHandler()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description reactor.core.publisher.Mono<java.lang.Void>handle(org.springframework.web.server.ServerWebExchange exchange, org.springframework.security.access.AccessDeniedException denied)voidsetRealmName(java.lang.String realmName)Set the default realm name to use in the bearer token error response
-
-
-
Method Detail
-
handle
public reactor.core.publisher.Mono<java.lang.Void> handle(org.springframework.web.server.ServerWebExchange exchange, org.springframework.security.access.AccessDeniedException denied)- Specified by:
handlein interfaceorg.springframework.security.web.server.authorization.ServerAccessDeniedHandler
-
setRealmName
public final void setRealmName(java.lang.String realmName)
Set the default realm name to use in the bearer token error response- Parameters:
realmName-
-
-