
Untitled

a guest
Apr 21st, 2014
  ...
  /**
   * Excerpt of the HttpSecurity setup: disables CSRF protection, registers the custom
   * client filter and wires the two handlers that turn security exceptions into HTTP
   * responses. The chain is cut off before and after this excerpt.
   */
  @Override
  protected void configure(HttpSecurity http) throws Exception {
      http
          // NOTE(review): CSRF protection is switched off for everything this
          // configuration covers. That is only safe when no endpoint accepts
          // credentials a browser attaches on its own (session cookie, HTTP Basic);
          // confirm this holds for the REST API before keeping it disabled.
          .csrf().disable()
          // IMPORTANT: add the filter after ExceptionTranslationFilter.
          // Otherwise an AuthenticationException thrown by the custom filter or the
          // custom provider will not be caught and handed to the AuthenticationEntryPoint.
          .addFilterAfter(httpClientFilter(), ExceptionTranslationFilter.class)
          .exceptionHandling()
              // handles AuthenticationException and a secure token with authenticated=false
              .authenticationEntryPoint(delegatingAuthenticationEntryPoint())
              // handles access-denied errors, e.g. a permission required in
              // authorizeRequests() is missing
              .accessDeniedHandler(new ClientRestAccessDeniedHandler())
              .and()
  ...
  /**
   * Access-denied handler for the REST API: logs the denial at debug level and lets
   * {@code HTTPAuthenticationErrorSender} write the HTTP response for the current
   * authentication.
   *
   * <p>NOTE(review): for an {@code HTTPRestSecureToken} the sender answers with 401, so an
   * authenticated caller that merely lacks a role is also reported as 401 rather than
   * 403; confirm that clients expect this. The denial is only visible at debug level,
   * which is usually off in production; consider whether it should be audited.
   */
  public class ClientRestAccessDeniedHandler implements AccessDeniedHandler {

      /**
       * Reports a denied request to the client.
       *
       * @param request the request that was denied
       * @param response the response the error is written to
       * @param accessDeniedException the exception that triggered this handler (not inspected)
       * @throws IOException if writing the response fails
       * @throws ServletException declared by the handler contract
       */
      @Override
      public void handle(
              HttpServletRequest request,
              HttpServletResponse response,
              AccessDeniedException accessDeniedException) throws IOException, ServletException {

          final Logger log = Logger.getLogger(ClientRestAccessDeniedHandler.class);

          // debug() checks the level itself, so a constant message needs no explicit guard.
          log.debug("Requered Role for this request is missing!");

          // The authentication is taken from the security context, not from the exception.
          HTTPAuthenticationErrorSender.sendResponse(
                  request,
                  response,
                  SecurityContextHolder.getContext().getAuthentication());
      }
  }
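  /**
   * Writes the HTTP error response for a failed authentication or authorization check.
   *
   * <p>The response depends on the type of the current {@link Authentication}:
   * <ul>
   *   <li>anything other than an {@code HTTPRestSecureToken} (including {@code null}):
   *       a plain 403 sent with {@code sendError};</li>
   *   <li>an {@code HTTPRestSecureToken}: a 401 whose JSON body carries the error code and
   *       description taken from the token's auth status.</li>
   * </ul>
   */
  public final class HTTPAuthenticationErrorSender {

      private static final Logger LOGGER = Logger.getLogger(HTTPAuthenticationErrorSender.class);

      // One shared mapper: it is never reconfigured here, so it can be reused across requests.
      private static final ObjectMapper MAPPER = new ObjectMapper();

      // Client-visible text is deliberately generic; the concrete reason goes to the log only.
      private static final String NO_TOKEN_MESSAGE = "No valid AuthenticationToken found.";

      /**
       * Sends the error response that matches the given authentication token.
       *
       * @param request the current request (not read by this method)
       * @param response the response to write the error to
       * @param token the current authentication, may be {@code null}
       * @throws JsonGenerationException if the JSON body cannot be generated
       * @throws JsonMappingException if the error object cannot be mapped to JSON
       * @throws IOException if writing to the response fails
       */
      public static void sendResponse(HttpServletRequest request, HttpServletResponse response, Authentication token)
              throws JsonGenerationException, JsonMappingException, IOException {

          if (!(token instanceof HTTPRestSecureToken)) {
              // The token's class name is an implementation detail: it is logged, but no
              // longer echoed to the client in the 403 message.
              response.sendError(HttpServletResponse.SC_FORBIDDEN, NO_TOKEN_MESSAGE);
              if (LOGGER.isDebugEnabled()) {
                  String found = (token == null)
                          ? "Token is null"
                          : "Token is instance of: " + token.getClass().getName();
                  LOGGER.debug("Send default HTTP Response 403. No HTTPRestSecureToken found. " + found);
              }
              return;
          }

          HTTPRestSecureToken restToken = (HTTPRestSecureToken) token;
          // NOTE(review): getAuthStatus() is dereferenced without a null check; confirm the
          // token always carries a status, otherwise this error path fails with a 500.
          AuthenticationErrorResponse authErrorResponse = new AuthenticationErrorResponse(
                  restToken.getAuthStatus().getErrorCode(),
                  restToken.getAuthStatus().getDescription());
          String content = MAPPER.writeValueAsString(authErrorResponse);

          if (LOGGER.isDebugEnabled()) {
              // The principal is needed for logging only, so an unexpected principal type
              // must not abort the response with a ClassCastException.
              Object rawPrincipal = token.getPrincipal();
              if (rawPrincipal instanceof HTTPRestPrincipal) {
                  HTTPRestPrincipal principal = (HTTPRestPrincipal) rawPrincipal;
                  // These values presumably originate from the request; line breaks are
                  // neutralised so they cannot forge additional log entries.
                  // NOTE(review): the login mail is personal data; check the log retention policy.
                  LOGGER.debug("AccessDenied for request: [" + sanitizeForLog(principal.getFullURI())
                          + "] clientID: [" + sanitizeForLog(principal.getClientID())
                          + "] loginMail: [" + sanitizeForLog(principal.getLoginMail()) + "]");
              }
              LOGGER.debug("Send following json response: " + content);
          }

          response.setContentType("application/json;charset=UTF-8");
          response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
          response.getWriter().print(content);
      }

      /** Renders a value for a log line with CR and LF replaced by an underscore. */
      private static String sanitizeForLog(Object value) {
          return String.valueOf(value).replaceAll("[\\r\\n]", "_");
      }

  }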