Class BearerTokenAccessDeniedHandler

java.lang.Object
org.springframework.security.oauth2.server.resource.web.access.BearerTokenAccessDeniedHandler
All Implemented Interfaces:
org.springframework.security.web.access.AccessDeniedHandler

public final class BearerTokenAccessDeniedHandler extends Object implements org.springframework.security.web.access.AccessDeniedHandler
Translates any AccessDeniedException into an HTTP response in accordance with RFC 6750 Section 3: The WWW-Authenticate Response Header Field.

So long as the class can prove that the request has a valid OAuth 2.0 Authentication, it will return an insufficient scope error; otherwise, it will simply indicate the scheme (Bearer) and any configured realm.

Since:
5.1
  • Constructor Summary

    Constructors

    | Constructor | Description |
    | --- | --- |
    | BearerTokenAccessDeniedHandler() | |
  • Method Summary

    | Modifier and Type | Method | Description |
    | --- | --- | --- |
    | void | handle(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, org.springframework.security.access.AccessDeniedException accessDeniedException) | Collect error details from the provided parameters and format according to RFC 6750, specifically error, error_description, error_uri, and scope. |
    | void | setRealmName(String realmName) | Set the default realm name to use in the bearer token error response. |

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
  • Constructor Details

    • BearerTokenAccessDeniedHandler

      public BearerTokenAccessDeniedHandler()
  • Method Details

    • handle

      public void handle(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, org.springframework.security.access.AccessDeniedException accessDeniedException)
      Collect error details from the provided parameters and format according to RFC 6750, specifically error, error_description, error_uri, and scope.
      Specified by:
      handle in interface org.springframework.security.web.access.AccessDeniedHandler
      Parameters:
      request - that resulted in an AccessDeniedException
      response - so that the user agent can be advised of the failure
      accessDeniedException - that caused the invocation
    • setRealmName

      public void setRealmName(String realmName)
      Set the default realm name to use in the bearer token error response.
      Parameters:
      realmName -
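
The two outcomes named in the class description (scheme and realm only, versus an insufficient scope error) can be observed by calling handle directly against mock servlet objects. This is an added example, not code from the Spring Security project; it assumes spring-test, spring-security-oauth2-resource-server and spring-security-oauth2-jose are on the classpath, that the handler recognises an OAuth 2.0 authentication through the request's user principal, and the realm name, paths, and token values are constructed.

```java
import org.springframework.http.HttpHeaders;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.oauth2.jwt.Jwt;
import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken;
import org.springframework.security.oauth2.server.resource.web.access.BearerTokenAccessDeniedHandler;

public class BearerTokenAccessDeniedHandlerDemo {

    // Runs the handler once and returns "<status> <WWW-Authenticate value>"
    // so both cases can be compared side by side.
    static String challenge(BearerTokenAccessDeniedHandler handler,
                            MockHttpServletRequest request) throws Exception {
        MockHttpServletResponse response = new MockHttpServletResponse();
        handler.handle(request, response, new AccessDeniedException("denied"));
        return response.getStatus() + " " + response.getHeader(HttpHeaders.WWW_AUTHENTICATE);
    }

    public static void main(String[] args) throws Exception {
        BearerTokenAccessDeniedHandler handler = new BearerTokenAccessDeniedHandler();
        handler.setRealmName("orders-api"); // constructed realm name

        // Case 1: the request carries no OAuth 2.0 authentication, so the
        // class description says only the scheme and realm are indicated.
        MockHttpServletRequest noToken = new MockHttpServletRequest("GET", "/orders/42");
        System.out.println("no OAuth 2.0 authentication: " + challenge(handler, noToken));

        // Case 2: the request is authenticated with a bearer token (a constructed,
        // unsigned Jwt object; no signature validation happens in this demo),
        // so the handler can report the denial as an insufficient scope error.
        Jwt jwt = Jwt.withTokenValue("constructed-token")
                .header("alg", "none")
                .subject("alice")
                .claim("scope", "orders.read")
                .build();
        MockHttpServletRequest withToken = new MockHttpServletRequest("DELETE", "/orders/42");
        withToken.setUserPrincipal(new JwtAuthenticationToken(jwt)); // assumption: principal-based detection
        System.out.println("with OAuth 2.0 authentication: " + challenge(handler, withToken));
    }
}
```

Comparing the two printed lines shows which error parameters a client only learns once it has presented a valid token, which is useful when reviewing what a resource server discloses in its challenges.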