Class BearerTokenAccessDeniedHandler

All Implemented Interfaces:

public final class BearerTokenAccessDeniedHandler extends Object implements AccessDeniedHandler
Translates any AccessDeniedException into an HTTP response in accordance with RFC 6750 Section 3: The WWW-Authenticate.

So long as the class can prove that the request has a valid OAuth 2.0 Authentication, then will return an insufficient scope error; otherwise, it will simply indicate the scheme (Bearer) and any configured realm.

  • Constructor Details

    • BearerTokenAccessDeniedHandler

      public BearerTokenAccessDeniedHandler()
  • Method Details

    • handle

      public void handle(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, AccessDeniedException accessDeniedException)
      Collect error details from the provided parameters and format according to RFC 6750, specifically error, error_description, error_uri, and scope.
      Specified by:
      handle in interface AccessDeniedHandler
      request - that resulted in an AccessDeniedException
      response - so that the user agent can be advised of the failure
      accessDeniedException - that caused the invocation
    • setRealmName

      public void setRealmName(String realmName)
      Set the default realm name to use in the bearer token error response
      realmName -