Skip to content

AccessDeniedHandler by RequestMatcher #5478

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
jzheaux opened this issue Jul 3, 2018 · 0 comments
Closed

AccessDeniedHandler by RequestMatcher #5478

jzheaux opened this issue Jul 3, 2018 · 0 comments
Assignees
@jzheaux
Labels
type: enhancement A general enhancement
Milestone
5.1.0.M2

Comments

@jzheaux
Copy link
Contributor

jzheaux commented Jul 3, 2018

ExceptionHandlingConfigurer allows for AuthenticationEntryPoints to be wired by RequestMatcher:

exceptionHandling()
    .defaultAuthenticationEntryPointFor(
        myAuthenticationEntryPoint(), 
        new AntRequestMatcher("/path/**"))

Add this same ability for AccessDeniedHandler:

exceptionHandling()
    .defaultAccessDeniedHandlerFor(
        myAccessDeniedHandler(),
        new AntRequestMatcher("/path/**"))

This is particularly useful when supporting both a web front end as well as RESTful endpoint, where communicating access denial may differ depending on the type of request.
@jzheaux jzheaux added this to the 5.1.0.M2 milestone Jul 3, 2018
@jzheaux jzheaux mentioned this issue Jul 3, 2018
Closed
@jzheaux jzheaux self-assigned this Jul 3, 2018
jzheaux added a commit to jzheaux/spring-security that referenced this issue Jul 16, 2018
@jzheaux
Access Denied Handling Defaults
6516508 
This introduces the capability for users to wire denial handling
by request matcher, similar to how users can already do with
authentication entry points.

This is handy for when denial behavior differs based on the contents
of the request, for example, when the Authorization header indicates
an OAuth2 Bearer Token request vs Basic authentication.

Fixes: spring-projectsgh-5478
@rwinch rwinch closed this as completed in 28afb4e Jul 16, 2018
@rwinch rwinch added the type: enhancement A general enhancement label May 3, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@jzheaux jzheaux

Labels
type: enhancement A general enhancement
Projects
None yet
Milestone
5.1.0.M2
Development

No branches or pull requests
2 participants
@rwinch @jzheaux