OAuth2ClientAuthenticationProcessingFilter SimpleUrlAuthenticationFailureHandler has no failure URL set, sending 401

[paboulos]

Whenever I try these Spring Security samples they always miss the error handling. For example, try to login with the Cloud sample uaa auth server and deny the client it returns the white label error page. How can the failure URL be set to something like the index.html when the sso client security config is on a separate server?

OAuth2ClientAuthenticationProcessingFilter : Delegating to authentication failure handler org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler@4c74a0c8
2015-06-18 20:08:07.447 DEBUG 6068 --- [nio-9999-exec-6] .a.SimpleUrlAuthenticationFailureHandler : No failure URL set, sending 401

[dsyer]

It's up to the client to deal with the user denying access, so the responsibility is clear. If you want a nicer looking error page, feel free to make one and send a pull request.

[paboulos]

Sorry, that wasn't what I was asking. I want to know how a default failure URL can be set in the OAuth2ClientAuthenticationProcessingFilter. How can I get access to it so I can set the failure handler failure URL to the index page? In my UI I don't want to leave the user wondering what to do when there is an error.
Thanks

[vysak]

I too have the same concern, I am also getting the same whitelabeled page with 401 error code while I decline the access..There should be an option to handle this case. were you able to find something

[vysak]

As of now I did it in this way

@Bean
    public OAuth2ClientAuthenticationProcessingFilter oAuth2AuthenticationProcessingFilter() throws Exception {
        OAuth2ClientAuthenticationProcessingFilter filter = new OAuth2ClientAuthenticationProcessingFilter("/googleLogin");
        filter.setRestTemplate(googleRestTemplate());
        filter.setTokenServices(tokenServices());
        filter.setAuthenticationFailureHandler(new SimpleUrlAuthenticationFailureHandler("/login?error"));
        return filter;
    }

[paboulos]

I was trying what you mentioned, but the bean was conflicting with one of the Spring default classes marked @primary that OAuth2ClientAuthenticationProcessingFilter uses. It was so long ago, but I think it was the RestTemplate class that was marked Primary. The best I could do right now is add a error.ftl file to my templates directory to catch all unhandled errors on the client as a simple workaround. How does you're custom OAuth2ClientAuthenticationProcessingFilter get injected into OAuth2SsoConfigurerAdapter?