Spring Security Support ServerExchangeRejectedHandler @Bean

Spring Security does not use the ServerExchangeRejectedHandler Bean when exposed.

We should fix this, but in the meantime users can leverage a BeanPostProcessor approach.

@Bean
BeanPostProcessor beanPostProcessor() {
    return new BeanPostProcessor() {
        @Override
        public Object postProcessBeforeInitialization(Object bean, String beanName) throws BeansException {
            if (bean instanceof WebFilterChainProxy) {
                WebFilterChainProxy springSecurity = (WebFilterChainProxy) bean;
                springSecurity.setExchangeRejectedHandler((exchange, ex) -> Mono.fromRunnable(() -> exchange.getResponse().setStatusCode(HttpStatus.NOT_ACCEPTABLE)));
            }
            return bean;
        }
    };
}

Comment From: rwinch

Closed via e86d88d0cf869fce800974eb22e61a9c3dcf5fa2