Uploaded image for project: 'Spring Security OAuth'
  1. Spring Security OAuth
  2. SECOAUTH-363

OAuth2 responses due to an Exception do not contain the "Pragma: no-cache" header as per specification

    XMLWordPrintable

Details

    • Bug
    • Status: Resolved
    • Trivial
    • Resolution: Complete
    • 1.0.0
    • 1.0.1
    • OAuth 2

    Description

      The "Pragma: no-cache" header and value is not returned when an exception is thrown within the context of a TokenEndpoint instance. I suggest the DefaultWebResponseExceptionTranslator#handleOAuth2Exception should be modified to set this value.

      I have worked around this by creating a bean that gets loaded after the "oauth2TokenEndpoint" bean, has a property that references the "oauth2TokenEndpoint" bean, and also has an "afterPropertiesSet" method implementation that sets the "oauth2TokenEndpoint" bean with a custom class that extends DefaultWebResponseExceptionTranslator. The custom class overrides the "translate" method to add this header and value into the super's returned result.

      Attachments

        Activity

          People

            david_syer Dave Syer
            david.williams@xoom.com David Williams
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: