Class ProblemDetailBearerTokenAccessDeniedHandler
java.lang.Object
io.leandev.appfuse.security.resourceserver.ProblemDetailBearerTokenAccessDeniedHandler
- All Implemented Interfaces:
org.springframework.security.web.access.AccessDeniedHandler
public class ProblemDetailBearerTokenAccessDeniedHandler
extends Object
implements org.springframework.security.web.access.AccessDeniedHandler
受保護資源授權不足(403)處理器
已通過認證但權限不足時,附 RFC 6750 WWW-Authenticate: Bearer error="insufficient_scope" 挑戰標頭(ADR-009 點 3),body 維持 RFC 7807
ProblemDetail。與 ProblemDetailBearerTokenAuthenticationEntryPoint
成對,標頭手動組裝以跨 Spring Security 版本穩定。
-
Constructor Summary
ConstructorsConstructorDescriptionProblemDetailBearerTokenAccessDeniedHandler(tools.jackson.databind.ObjectMapper objectMapper) -
Method Summary
Modifier and TypeMethodDescriptionvoidhandle(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, org.springframework.security.access.AccessDeniedException accessDeniedException)
-
Constructor Details
-
ProblemDetailBearerTokenAccessDeniedHandler
public ProblemDetailBearerTokenAccessDeniedHandler(tools.jackson.databind.ObjectMapper objectMapper)
-
-
Method Details
-
handle
public void handle(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, org.springframework.security.access.AccessDeniedException accessDeniedException) throws IOException - Specified by:
handlein interfaceorg.springframework.security.web.access.AccessDeniedHandler- Throws:
IOException
-