Skip to content

Support ServerExchangeRejectedHandler @Bean #15975

Closed
@rwinch

Description

@rwinch

Spring Security does not use the ServerExchangeRejectedHandler Bean when exposed.

We should fix this, but in the meantime users can leverage a BeanPostProcessor approach.

@Bean
BeanPostProcessor beanPostProcessor() {
	return new BeanPostProcessor() {
		@Override
		public Object postProcessBeforeInitialization(Object bean, String beanName) throws BeansException {
			if (bean instanceof WebFilterChainProxy) {
				WebFilterChainProxy springSecurity = (WebFilterChainProxy) bean;
				springSecurity.setExchangeRejectedHandler((exchange, ex) -> Mono.fromRunnable(() -> exchange.getResponse().setStatusCode(HttpStatus.NOT_ACCEPTABLE)));
			}
			return bean;
		}
	};
}

Metadata

Metadata

Assignees

Labels

in: webAn issue in web modules (web, webmvc)type: enhancementA general enhancement

Type

No type

Projects

No projects

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions