Class BearerTokenServerAccessDeniedHandler
java.lang.Object
org.springframework.security.oauth2.server.resource.web.access.server.BearerTokenServerAccessDeniedHandler
- All Implemented Interfaces:
ServerAccessDeniedHandler
public class BearerTokenServerAccessDeniedHandler
extends Object
implements ServerAccessDeniedHandler
Translates any
AccessDeniedException
into an HTTP response in accordance with
RFC 6750
Section 3: The WWW-Authenticate.
So long as the class can prove that the request has a valid OAuth 2.0
Authentication
, then will return an
insufficient
scope error; otherwise, it will simply indicate the scheme (Bearer) and any
configured realm.- Since:
- 5.1
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionreactor.core.publisher.Mono<Void>
handle
(org.springframework.web.server.ServerWebExchange exchange, AccessDeniedException denied) final void
setRealmName
(String realmName) Set the default realm name to use in the bearer token error response
-
Constructor Details
-
BearerTokenServerAccessDeniedHandler
public BearerTokenServerAccessDeniedHandler()
-
-
Method Details
-
handle
public reactor.core.publisher.Mono<Void> handle(org.springframework.web.server.ServerWebExchange exchange, AccessDeniedException denied) - Specified by:
handle
in interfaceServerAccessDeniedHandler
-
setRealmName
Set the default realm name to use in the bearer token error response- Parameters:
realmName
-
-