[Minor] Using better abort status when validating requests
This commit is contained in:
parent
8cf29f50c4
commit
ec1e8d2c02
|
@ -237,7 +237,7 @@ public class AuthenticationRequestFilter implements ContainerRequestFilter {
|
||||||
if (certificate.getUsage() == Usage.SET_PASSWORD) {
|
if (certificate.getUsage() == Usage.SET_PASSWORD) {
|
||||||
if (!requestContext.getUriInfo().getMatchedURIs()
|
if (!requestContext.getUriInfo().getMatchedURIs()
|
||||||
.contains("strolch/privilege/users/" + certificate.getUsername() + "/password")) {
|
.contains("strolch/privilege/users/" + certificate.getUsername() + "/password")) {
|
||||||
requestContext.abortWith(Response.status(Response.Status.UNAUTHORIZED)
|
requestContext.abortWith(Response.status(Response.Status.FORBIDDEN)
|
||||||
.header(HttpHeaders.CONTENT_TYPE, MediaType.TEXT_PLAIN).entity("Can only set password!")
|
.header(HttpHeaders.CONTENT_TYPE, MediaType.TEXT_PLAIN).entity("Can only set password!")
|
||||||
.build());
|
.build());
|
||||||
return null;
|
return null;
|
||||||
|
|
Loading…
Reference in New Issue