Strolch
/
strolch
mirror of https://github.com/strolch-li/strolch.git
1
1
Fork 0
Code Issues Packages Projects Releases Wiki Activity

[Minor] Using better abort status when validating requests

This commit is contained in:
Robert von Burg 2021-02-12 16:48:35 +01:00
parent 8cf29f50c4
commit ec1e8d2c02
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
li.strolch.rest/src/main/java/li/strolch/rest/filters/AuthenticationRequestFilter.java
View File

@ -237,7 +237,7 @@ public class AuthenticationRequestFilter implements ContainerRequestFilter {
if (certificate.getUsage() == Usage.SET_PASSWORD) {
if (!requestContext.getUriInfo().getMatchedURIs()
.contains("strolch/privilege/users/" + certificate.getUsername() + "/password")) {
requestContext.abortWith(Response.status(Response.Status.UNAUTHORIZED)
requestContext.abortWith(Response.status(Response.Status.FORBIDDEN)
.header(HttpHeaders.CONTENT_TYPE, MediaType.TEXT_PLAIN).entity("Can only set password!")
.build());
return null;