Working with Spring Security 6 + opaque token, I always receive a 401 when some exception happens during the authentication process. Even when the authorisation/authentication server is down I am getting a 401.
I would like to return 500 Internal Server Error when I cannot touch the authentication server. Most likely it will be a timeout exception, I suppose, since I have configured a timeout.
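```java
@PostConstruct
public void init() {
    // RestTemplate used for the introspection call: HTTP Basic client
    // credentials plus explicit connect and read timeouts.
    RestOperations restOperations = new RestTemplateBuilder()
            .basicAuthentication(clientId, clientSecret)
            .setConnectTimeout(Duration.ofSeconds(connectionTimeout))
            .setReadTimeout(Duration.ofSeconds(readTimeout))
            .build();
    // Introspector that the custom implementation delegates to.
    delegate = new NimbusOpaqueTokenIntrospector(introspectionUrl, restOperations);
}
```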
Also, I realize that when a 401 or 403 happens, there is no message. It would be nice to have one too. How do I handle the exception properly to at least return 500 when the authentication server is down?
Thanks