8 years ago · 3bfda6cff7
--- a/config/src/main/java/org/springframework/security/config/web/server/ServerHttpSecurity.java
+++ b/config/src/main/java/org/springframework/security/config/web/server/ServerHttpSecurity.java
@@ -393,9 +393,9 @@ public class ServerHttpSecurity {
 
				 	public class CsrfSpec {
			
 
				 		private CsrfWebFilter filter = new CsrfWebFilter();
			
 
				 
			
 
				-		public CsrfSpec serverAccessDeniedHandler(
			
 
				-			ServerAccessDeniedHandler serverAccessDeniedHandler) {
			
 
				-			this.filter.setServerAccessDeniedHandler(serverAccessDeniedHandler);
			
 
				+		public CsrfSpec accessDeniedHandler(
			
 
				+			ServerAccessDeniedHandler accessDeniedHandler) {
			
 
				+			this.filter.setAccessDeniedHandler(accessDeniedHandler);
			
 
				 			return this;
			
 
				 		}
			
 
				 
			
--- a/web/src/main/java/org/springframework/security/web/server/authorization/ExceptionTranslationWebFilter.java
+++ b/web/src/main/java/org/springframework/security/web/server/authorization/ExceptionTranslationWebFilter.java
@@ -35,26 +35,26 @@ import org.springframework.web.server.WebFilterChain;
 
				 public class ExceptionTranslationWebFilter implements WebFilter {
			
 
				 	private ServerAuthenticationEntryPoint authenticationEntryPoint = new HttpBasicServerAuthenticationEntryPoint();
			
 
				 
			
 
				-	private ServerAccessDeniedHandler serverAccessDeniedHandler = new HttpStatusServerAccessDeniedHandler(HttpStatus.FORBIDDEN);
			
 
				+	private ServerAccessDeniedHandler accessDeniedHandler = new HttpStatusServerAccessDeniedHandler(HttpStatus.FORBIDDEN);
			
 
				 
			
 
				 	@Override
			
 
				 	public Mono<Void> filter(ServerWebExchange exchange, WebFilterChain chain) {
			
 
				 		return chain.filter(exchange)
			
 
				 			.onErrorResume(AccessDeniedException.class, denied -> exchange.getPrincipal()
			
 
				 				.switchIfEmpty( commenceAuthentication(exchange, denied))
			
 
				-				.flatMap( principal -> this.serverAccessDeniedHandler
			
 
				+				.flatMap( principal -> this.accessDeniedHandler
			
 
				 					.handle(exchange, denied))
			
 
				 			);
			
 
				 	}
			
 
				 
			
 
				 	/**
			
 
				 	 * Sets the access denied handler.
			
 
				-	 * @param serverAccessDeniedHandler the access denied handler to use. Default is
			
 
				+	 * @param accessDeniedHandler the access denied handler to use. Default is
			
 
				 	 * HttpStatusAccessDeniedHandler with HttpStatus.FORBIDDEN
			
 
				 	 */
			
 
				-	public void setServerAccessDeniedHandler(ServerAccessDeniedHandler serverAccessDeniedHandler) {
			
 
				-		Assert.notNull(serverAccessDeniedHandler, "accessDeniedHandler cannot be null");
			
 
				-		this.serverAccessDeniedHandler = serverAccessDeniedHandler;
			
 
				+	public void setAccessDeniedHandler(ServerAccessDeniedHandler accessDeniedHandler) {
			
 
				+		Assert.notNull(accessDeniedHandler, "accessDeniedHandler cannot be null");
			
 
				+		this.accessDeniedHandler = accessDeniedHandler;
			
 
				 	}
			
 
				 
			
 
				 	/**
			
--- a/web/src/main/java/org/springframework/security/web/server/csrf/CsrfWebFilter.java
+++ b/web/src/main/java/org/springframework/security/web/server/csrf/CsrfWebFilter.java
@@ -57,12 +57,12 @@ public class CsrfWebFilter implements WebFilter {
 
				 
			
 
				 	private ServerCsrfTokenRepository serverCsrfTokenRepository = new WebSessionServerCsrfTokenRepository();
			
 
				 
			
 
				-	private ServerAccessDeniedHandler serverAccessDeniedHandler = new HttpStatusServerAccessDeniedHandler(HttpStatus.FORBIDDEN);
			
 
				+	private ServerAccessDeniedHandler accessDeniedHandler = new HttpStatusServerAccessDeniedHandler(HttpStatus.FORBIDDEN);
			
 
				 
			
 
				-	public void setServerAccessDeniedHandler(
			
 
				-		ServerAccessDeniedHandler serverAccessDeniedHandler) {
			
 
				-		Assert.notNull(serverAccessDeniedHandler, "serverAccessDeniedHandler");
			
 
				-		this.serverAccessDeniedHandler = serverAccessDeniedHandler;
			
 
				+	public void setAccessDeniedHandler(
			
 
				+		ServerAccessDeniedHandler accessDeniedHandler) {
			
 
				+		Assert.notNull(accessDeniedHandler, "accessDeniedHandler");
			
 
				+		this.accessDeniedHandler = accessDeniedHandler;
			
 
				 	}
			
 
				 
			
 
				 	public void setServerCsrfTokenRepository(
			
@@ -85,7 +85,8 @@ public class CsrfWebFilter implements WebFilter {
 
				 			.flatMap(m -> validateToken(exchange))
			
 
				 			.flatMap(m -> continueFilterChain(exchange, chain))
			
 
				 			.switchIfEmpty(continueFilterChain(exchange, chain).then(Mono.empty()))
			
 
				-			.onErrorResume(CsrfException.class, e -> this.serverAccessDeniedHandler.handle(exchange, e));
			
 
				+			.onErrorResume(CsrfException.class, e -> this.accessDeniedHandler
			
 
				+				.handle(exchange, e));
			
 
				 	}
			
 
				 
			
 
				 	private Mono<Void> validateToken(ServerWebExchange exchange) {
			
--- a/web/src/test/java/org/springframework/security/web/server/authorization/ExceptionTranslationWebFilterTests.java
+++ b/web/src/test/java/org/springframework/security/web/server/authorization/ExceptionTranslationWebFilterTests.java
@@ -67,7 +67,7 @@ public class ExceptionTranslationWebFilterTests {
 
				 		when(this.entryPoint.commence(any(), any())).thenReturn(this.entryPointPublisher.mono());
			
 
				 
			
 
				 		this.filter.setAuthenticationEntryPoint(this.entryPoint);
			
 
				-		this.filter.setServerAccessDeniedHandler(this.deniedHandler);
			
 
				+		this.filter.setAccessDeniedHandler(this.deniedHandler);
			
 
				 	}
			
 
				 
			
 
				 	@Test
			
@@ -150,7 +150,7 @@ public class ExceptionTranslationWebFilterTests {
 
				 
			
 
				 	@Test(expected = IllegalArgumentException.class)
			
 
				 	public void setAccessDeniedHandlerWhenNullThenException() {
			
 
				-		this.filter.setServerAccessDeniedHandler(null);
			
 
				+		this.filter.setAccessDeniedHandler(null);
			
 
				 	}
			
 
				 
			
 
				 	@Test(expected = IllegalArgumentException.class)