spring security version 6.3.1
i did implement Jwt tocken, but by trying to access protected resource without auth i get back 403 instead of 401 because Spring ues by default Http403ForbiddenEntryPoint, so i have to add 2 exception handlers.
.exceptionHandling(a -> a.accessDeniedHandler( (request, response, accessDeniedException) -> response.setStatus(403))) .exceptionHandling(handler -> handler.authenticationEntryPoint((request, response, authException) -> response.sendError(HttpServletResponse.SC_UNAUTHORIZED, authException.getMessage())));
I think will be grate to avoid this workaround.
Comment From: sjohnr
Thanks for getting in touch @ybaidiuk, but it feels like this is a question that would be better suited to Stack Overflow. We prefer to use GitHub issues only for bugs and enhancements. Feel free to update this issue with a link to the re-posted question (so that other people can find it) or add a minimal sample that reproduces this issue if you feel this is a genuine bug.
Having said that, please see this comment for a possible solution. If that doesn't help, please consider adding a minimal reproducible example as I'm not clear what your issue is without a sample. I plan to close this issue but will wait for your response.
Comment From: spring-projects-issues
If you would like us to look at this issue, please provide the requested information. If the information is not provided within the next 7 days this issue will be closed.
Comment From: spring-projects-issues
Closing due to lack of requested feedback. If you would like us to look at this issue, please provide the requested information and we will re-open the issue.