diff --git a/config/src/main/java/org/springframework/security/config/web/server/ServerHttpSecurity.java b/config/src/main/java/org/springframework/security/config/web/server/ServerHttpSecurity.java index 3fbd794f4b..36b1cefd37 100644 --- a/config/src/main/java/org/springframework/security/config/web/server/ServerHttpSecurity.java +++ b/config/src/main/java/org/springframework/security/config/web/server/ServerHttpSecurity.java @@ -393,9 +393,9 @@ public class ServerHttpSecurity { public class CsrfSpec { private CsrfWebFilter filter = new CsrfWebFilter(); - public CsrfSpec serverAccessDeniedHandler( - ServerAccessDeniedHandler serverAccessDeniedHandler) { - this.filter.setServerAccessDeniedHandler(serverAccessDeniedHandler); + public CsrfSpec accessDeniedHandler( + ServerAccessDeniedHandler accessDeniedHandler) { + this.filter.setAccessDeniedHandler(accessDeniedHandler); return this; } diff --git a/web/src/main/java/org/springframework/security/web/server/authorization/ExceptionTranslationWebFilter.java b/web/src/main/java/org/springframework/security/web/server/authorization/ExceptionTranslationWebFilter.java index a4d6592716..762be12965 100644 --- a/web/src/main/java/org/springframework/security/web/server/authorization/ExceptionTranslationWebFilter.java +++ b/web/src/main/java/org/springframework/security/web/server/authorization/ExceptionTranslationWebFilter.java @@ -35,26 +35,26 @@ import org.springframework.web.server.WebFilterChain; public class ExceptionTranslationWebFilter implements WebFilter { private ServerAuthenticationEntryPoint authenticationEntryPoint = new HttpBasicServerAuthenticationEntryPoint(); - private ServerAccessDeniedHandler serverAccessDeniedHandler = new HttpStatusServerAccessDeniedHandler(HttpStatus.FORBIDDEN); + private ServerAccessDeniedHandler accessDeniedHandler = new HttpStatusServerAccessDeniedHandler(HttpStatus.FORBIDDEN); @Override public Mono filter(ServerWebExchange exchange, WebFilterChain chain) { return chain.filter(exchange) .onErrorResume(AccessDeniedException.class, denied -> exchange.getPrincipal() .switchIfEmpty( commenceAuthentication(exchange, denied)) - .flatMap( principal -> this.serverAccessDeniedHandler + .flatMap( principal -> this.accessDeniedHandler .handle(exchange, denied)) ); } /** * Sets the access denied handler. - * @param serverAccessDeniedHandler the access denied handler to use. Default is + * @param accessDeniedHandler the access denied handler to use. Default is * HttpStatusAccessDeniedHandler with HttpStatus.FORBIDDEN */ - public void setServerAccessDeniedHandler(ServerAccessDeniedHandler serverAccessDeniedHandler) { - Assert.notNull(serverAccessDeniedHandler, "accessDeniedHandler cannot be null"); - this.serverAccessDeniedHandler = serverAccessDeniedHandler; + public void setAccessDeniedHandler(ServerAccessDeniedHandler accessDeniedHandler) { + Assert.notNull(accessDeniedHandler, "accessDeniedHandler cannot be null"); + this.accessDeniedHandler = accessDeniedHandler; } /** diff --git a/web/src/main/java/org/springframework/security/web/server/csrf/CsrfWebFilter.java b/web/src/main/java/org/springframework/security/web/server/csrf/CsrfWebFilter.java index 33a1570d30..77c390dd25 100644 --- a/web/src/main/java/org/springframework/security/web/server/csrf/CsrfWebFilter.java +++ b/web/src/main/java/org/springframework/security/web/server/csrf/CsrfWebFilter.java @@ -57,12 +57,12 @@ public class CsrfWebFilter implements WebFilter { private ServerCsrfTokenRepository serverCsrfTokenRepository = new WebSessionServerCsrfTokenRepository(); - private ServerAccessDeniedHandler serverAccessDeniedHandler = new HttpStatusServerAccessDeniedHandler(HttpStatus.FORBIDDEN); + private ServerAccessDeniedHandler accessDeniedHandler = new HttpStatusServerAccessDeniedHandler(HttpStatus.FORBIDDEN); - public void setServerAccessDeniedHandler( - ServerAccessDeniedHandler serverAccessDeniedHandler) { - Assert.notNull(serverAccessDeniedHandler, "serverAccessDeniedHandler"); - this.serverAccessDeniedHandler = serverAccessDeniedHandler; + public void setAccessDeniedHandler( + ServerAccessDeniedHandler accessDeniedHandler) { + Assert.notNull(accessDeniedHandler, "accessDeniedHandler"); + this.accessDeniedHandler = accessDeniedHandler; } public void setServerCsrfTokenRepository( @@ -85,7 +85,8 @@ public class CsrfWebFilter implements WebFilter { .flatMap(m -> validateToken(exchange)) .flatMap(m -> continueFilterChain(exchange, chain)) .switchIfEmpty(continueFilterChain(exchange, chain).then(Mono.empty())) - .onErrorResume(CsrfException.class, e -> this.serverAccessDeniedHandler.handle(exchange, e)); + .onErrorResume(CsrfException.class, e -> this.accessDeniedHandler + .handle(exchange, e)); } private Mono validateToken(ServerWebExchange exchange) { diff --git a/web/src/test/java/org/springframework/security/web/server/authorization/ExceptionTranslationWebFilterTests.java b/web/src/test/java/org/springframework/security/web/server/authorization/ExceptionTranslationWebFilterTests.java index fbbbe28370..4678bf1c29 100644 --- a/web/src/test/java/org/springframework/security/web/server/authorization/ExceptionTranslationWebFilterTests.java +++ b/web/src/test/java/org/springframework/security/web/server/authorization/ExceptionTranslationWebFilterTests.java @@ -67,7 +67,7 @@ public class ExceptionTranslationWebFilterTests { when(this.entryPoint.commence(any(), any())).thenReturn(this.entryPointPublisher.mono()); this.filter.setAuthenticationEntryPoint(this.entryPoint); - this.filter.setServerAccessDeniedHandler(this.deniedHandler); + this.filter.setAccessDeniedHandler(this.deniedHandler); } @Test @@ -150,7 +150,7 @@ public class ExceptionTranslationWebFilterTests { @Test(expected = IllegalArgumentException.class) public void setAccessDeniedHandlerWhenNullThenException() { - this.filter.setServerAccessDeniedHandler(null); + this.filter.setAccessDeniedHandler(null); } @Test(expected = IllegalArgumentException.class)