Class BearerTokenServerAccessDeniedHandler
- java.lang.Object
-
- org.springframework.security.oauth2.server.resource.web.access.server.BearerTokenServerAccessDeniedHandler
-
- All Implemented Interfaces:
ServerAccessDeniedHandler
public class BearerTokenServerAccessDeniedHandler extends java.lang.Object implements ServerAccessDeniedHandler
Translates anyAccessDeniedException
into an HTTP response in accordance with RFC 6750 Section 3: The WWW-Authenticate. So long as the class can prove that the request has a valid OAuth 2.0Authentication
, then will return an insufficient scope error; otherwise, it will simply indicate the scheme (Bearer) and any configured realm.- Since:
- 5.1
-
-
Constructor Summary
Constructors Constructor Description BearerTokenServerAccessDeniedHandler()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description reactor.core.publisher.Mono<java.lang.Void>
handle(org.springframework.web.server.ServerWebExchange exchange, AccessDeniedException denied)
void
setRealmName(java.lang.String realmName)
Set the default realm name to use in the bearer token error response
-
-
-
Method Detail
-
handle
public reactor.core.publisher.Mono<java.lang.Void> handle(org.springframework.web.server.ServerWebExchange exchange, AccessDeniedException denied)
- Specified by:
handle
in interfaceServerAccessDeniedHandler
-
setRealmName
public final void setRealmName(java.lang.String realmName)
Set the default realm name to use in the bearer token error response- Parameters:
realmName
-
-
-