Uploaded image for project: 'Spring Security OAuth'
  1. Spring Security OAuth
  2. SECOAUTH-363

OAuth2 responses due to an Exception do not contain the "Pragma: no-cache" header as per specification

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Trivial
    • Resolution: Complete
    • Affects Version/s: 1.0.0
    • Fix Version/s: 1.0.1
    • Component/s: OAuth 2
    • Labels:

      Description

      The "Pragma: no-cache" header and value is not returned when an exception is thrown within the context of a TokenEndpoint instance. I suggest the DefaultWebResponseExceptionTranslator#handleOAuth2Exception should be modified to set this value.

      I have worked around this by creating a bean that gets loaded after the "oauth2TokenEndpoint" bean, has a property that references the "oauth2TokenEndpoint" bean, and also has an "afterPropertiesSet" method implementation that sets the "oauth2TokenEndpoint" bean with a custom class that extends DefaultWebResponseExceptionTranslator. The custom class overrides the "translate" method to add this header and value into the super's returned result.

        Attachments

          Activity

            People

            Assignee:
            david_syer Dave Syer
            Reporter:
            david.williams@xoom.com David Williams
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: