Class BearerTokenServerAccessDeniedHandler

java.lang.Object
org.springframework.security.oauth2.server.resource.web.access.server.BearerTokenServerAccessDeniedHandler
All Implemented Interfaces:
ServerAccessDeniedHandler

public class BearerTokenServerAccessDeniedHandler extends Object implements ServerAccessDeniedHandler
Translates any AccessDeniedException into an HTTP response in accordance with RFC 6750 Section 3: The WWW-Authenticate Response Header Field. So long as the class can prove that the request has a valid OAuth 2.0 Authentication, it will return an insufficient scope error; otherwise, it will simply indicate the scheme (Bearer) and any configured realm.
Since:
5.1
  • Constructor Details

    • BearerTokenServerAccessDeniedHandler

      public BearerTokenServerAccessDeniedHandler()
  • Method Details

    • handle

      public reactor.core.publisher.Mono<Void> handle(org.springframework.web.server.ServerWebExchange exchange, AccessDeniedException denied)
      Specified by:
      handle in interface ServerAccessDeniedHandler
    • setRealmName

      public final void setRealmName(String realmName)
      Set the default realm name to use in the bearer token error response.
      Parameters:
      realmName -
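
The following configuration is an added example, not part of the Spring Security documentation. It shows one way to register this handler on a reactive resource server so that denied requests produce the WWW-Authenticate response described above. The class name, path, scope and realm value are constructed for illustration, and it assumes a ReactiveJwtDecoder is available in the application context.

```java
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.Customizer;
import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity;
import org.springframework.security.config.web.server.ServerHttpSecurity;
import org.springframework.security.oauth2.server.resource.web.access.server.BearerTokenServerAccessDeniedHandler;
import org.springframework.security.web.server.SecurityWebFilterChain;

@Configuration
@EnableWebFluxSecurity
public class ResourceServerConfig { // hypothetical class name

    @Bean
    SecurityWebFilterChain securityWebFilterChain(ServerHttpSecurity http) {
        // The realm is included in the bearer token error response (see setRealmName).
        BearerTokenServerAccessDeniedHandler deniedHandler = new BearerTokenServerAccessDeniedHandler();
        deniedHandler.setRealmName("orders-api"); // constructed realm value

        http
            .authorizeExchange(exchanges -> exchanges
                // Constructed rule: a token without this scope is authenticated
                // but denied, which is the case the handler reports as an
                // insufficient scope error.
                .pathMatchers("/orders/**").hasAuthority("SCOPE_orders:read")
                .anyExchange().authenticated())
            .oauth2ResourceServer(oauth2 -> oauth2
                // Route AccessDeniedException for this resource server to the handler.
                .accessDeniedHandler(deniedHandler)
                .jwt(Customizer.withDefaults()));

        return http.build();
    }
}
```

When the denied request does not carry a valid OAuth 2.0 authentication, the response indicates only the Bearer scheme and the configured realm, so clients and log reviewers can tell the two cases apart from the WWW-Authenticate header.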