in src/main/java/com/epam/digital/data/platform/starter/security/jwt/DefaultAccessDeniedHandler.java [38:53]
public void handle(HttpServletRequest request, HttpServletResponse response,
AccessDeniedException accessDeniedException) throws IOException {
// This is invoked when user tries to access a secured REST resource without the necessary authorization
// We just send a 403 Forbidden response because there is no 'error' page to redirect to
response.setContentType(MediaType.APPLICATION_JSON_VALUE);
response.setStatus(HttpServletResponse.SC_FORBIDDEN);
response.getWriter().write(objectMapper.writeValueAsString(
new ErrorRestResponseDto(
ErrorDto.builder()
.code("403")
.message(accessDeniedException.getMessage())
.traceId(MDC.get("X-B3-TraceId"))
.build()
)
));
}