@ExceptionHandler({UnrecoverableKeyException.class, BadPaddingException.class})
    @ResponseStatus(value=HttpStatus.FORBIDDEN, reason="Access Denied")
    public ResponseEntity<List<String>> handleBadCredentialsException(Exception ex) {
        log.debug("Bad credentials exception: {}", ex.getMessage(), ex);
        List<String> errors = Collections.singletonList(ex.getMessage());