Hi, using Spring Boot 2.x we had a custom access denied handler that was configured in a class extending the `KeycloakWebSecurityConfigurerAdapter` and overriding like below:
But now, since I only configure these things in the `application.yaml` when using `spring-addons-starter-oidc`, how do I configure the access denied handler?
I wonder if it is possible to accomplish the same thing with this plugin?
To understand all the extension points for `spring-addons-starter-oidc`, start with the Spring Boot `imports` resource.

In the case of a servlet resource server, this will point you to `SpringAddonsOidcResourceServerBeans`. The first bean defined there is the `SecurityFilterChain` and is rather decently documented.

You should notice a `httpPostProcessor` parameter which is advertised as a "Hook to override all or part of HttpSecurity auto-configuration". So basically, if you expose a `ResourceServerHttpSecurityPostProcessor` bean, you can alter auto-configuration the way you like:

```java
@Bean
ResourceServerHttpSecurityPostProcessor resourceServerHttpSecurityPostProcessor() {
    return (HttpSecurity httpSecurity) -> {
        httpSecurity.exceptionHandling(exceptionHandlingCustomizer -> {
            exceptionHandlingCustomizer.accessDeniedHandler(new CustomAccessDeniedHandler());
        });
        return httpSecurity;
    };
}
```
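The thread does not show the `CustomAccessDeniedHandler` class itself. As an added example (not code from the question, the answer or the spring-addons project), here is one way such a handler could look, assuming Spring Boot 3 with `jakarta.servlet` and SLF4J on the classpath; the response body and log format are hypothetical choices:

```java
import java.io.IOException;
import java.nio.charset.StandardCharsets;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.http.HttpStatus;
import org.springframework.http.MediaType;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.web.access.AccessDeniedHandler;

import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;

// Hypothetical implementation of the CustomAccessDeniedHandler named in the answer.
public class CustomAccessDeniedHandler implements AccessDeniedHandler {

    private static final Logger log = LoggerFactory.getLogger(CustomAccessDeniedHandler.class);

    @Override
    public void handle(HttpServletRequest request, HttpServletResponse response,
            AccessDeniedException ex) throws IOException {
        // Audit trail: record who was refused which resource.
        // CR/LF are replaced so request-controlled values cannot forge log lines.
        String user = request.getUserPrincipal() == null
                ? "anonymous"
                : request.getUserPrincipal().getName();
        log.warn("Access denied: user={} method={} uri={}",
                sanitize(user), request.getMethod(), sanitize(request.getRequestURI()));

        if (response.isCommitted()) {
            return; // status and body can no longer be changed
        }
        response.setStatus(HttpStatus.FORBIDDEN.value());
        response.setContentType(MediaType.APPLICATION_JSON_VALUE);
        response.setCharacterEncoding(StandardCharsets.UTF_8.name());
        // Fixed body: the exception message, the required authority and any
        // stack trace stay on the server side.
        response.getWriter().write("{\"status\":403,\"error\":\"Forbidden\"}");
    }

    private static String sanitize(String value) {
        return value == null ? "" : value.replaceAll("[\\r\\n]", "_");
    }
}
```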