MethodAuthorizationDeniedHandler is an interface with a single non-default method, therefore it can be implemented by a lambda. However, HandleAuthorizationDenied can only reference a handler by class, excluding lambdas.

I would like HandleAuthorizationDenied to have an additional parameter String handler() default "" so that this is possible:

@Configuration
@EnableMethodSecurity
class MyConfiguration {

  @Bean
  MethodAuthorizationDeniedHandler emptyListHandler() {
    return (invocation, result) -> List.of();
  }

}

class Account {
  String name;
  @PreAuthorize("hasRole('DETAILS')")
  @HandleAuthorizationDenied(handler = "emptyListHandler")
  List<String> details;
}

Even better if the handler name could be interpolated from a property or a spel expression.