feat: Map AuthorizationDeniedException to 403 Forbidden by default

Fixes #97
wimdeblauwe · Sep 12, 2024 · 992abd9 · 992abd9
1 parent 6bae263
commit 992abd9
Showing 1 changed file with 2 additions and 0 deletions.
diff --git a/...wimdeblauwe/errorhandlingspringbootstarter/handler/SpringSecurityApiExceptionHandler.java b/...wimdeblauwe/errorhandlingspringbootstarter/handler/SpringSecurityApiExceptionHandler.java
@@ -8,6 +8,7 @@
 import org.springframework.http.HttpStatus;
 import org.springframework.security.access.AccessDeniedException;
 import org.springframework.security.authentication.*;
+import org.springframework.security.authorization.AuthorizationDeniedException;
 import org.springframework.security.core.userdetails.UsernameNotFoundException;
 
 import java.util.HashMap;
@@ -22,6 +23,7 @@ public class SpringSecurityApiExceptionHandler extends AbstractApiExceptionHandl
     static {
         EXCEPTION_TO_STATUS_MAPPING = new HashMap<>();
         EXCEPTION_TO_STATUS_MAPPING.put(AccessDeniedException.class, FORBIDDEN);
+        EXCEPTION_TO_STATUS_MAPPING.put(AuthorizationDeniedException.class, FORBIDDEN);
         EXCEPTION_TO_STATUS_MAPPING.put(AccountExpiredException.class, BAD_REQUEST);
         EXCEPTION_TO_STATUS_MAPPING.put(AuthenticationCredentialsNotFoundException.class, UNAUTHORIZED);
         EXCEPTION_TO_STATUS_MAPPING.put(AuthenticationServiceException.class, INTERNAL_SERVER_ERROR);