Strolch
/
strolch
mirror of https://github.com/strolch-li/strolch.git
1
1
Fork 0
Code Issues Packages Projects Releases Wiki Activity

[Fix] Return 403 instead of 401 for StrolchAccessDeniedException

This commit is contained in:
Robert von Burg 2021-02-08 16:11:09 +01:00
parent ff0f6b57eb
commit f19484abc0
1 changed files with 10 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
li.strolch.rest/src/main/java/li/strolch/rest/StrolchRestfulExceptionMapper.java
View File

@ -1,12 +1,12 @@
/* /*
* Copyright 2015 Robert von Burg <eitch@eitchnet.ch> * Copyright 2015 Robert von Burg <eitch@eitchnet.ch>
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
* You may obtain a copy of the License at * You may obtain a copy of the License at
* *
* http://www.apache.org/licenses/LICENSE-2.0 * http://www.apache.org/licenses/LICENSE-2.0
* *
* Unless required by applicable law or agreed to in writing, software * Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, * distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@ -24,6 +24,7 @@ import javax.ws.rs.ext.Provider;
import java.text.MessageFormat; import java.text.MessageFormat;
import li.strolch.exception.StrolchAccessDeniedException; import li.strolch.exception.StrolchAccessDeniedException;
import li.strolch.exception.StrolchNotAuthenticatedException;
import li.strolch.privilege.model.Restrictable; import li.strolch.privilege.model.Restrictable;
import li.strolch.rest.helper.ResponseUtil; import li.strolch.rest.helper.ResponseUtil;
import org.slf4j.Logger; import org.slf4j.Logger;
@ -59,7 +60,12 @@ public class StrolchRestfulExceptionMapper implements ExceptionMapper<Exception>
sb.append(restrictable.getPrivilegeValue()); sb.append(restrictable.getPrivilegeValue());
} }
return Response.status(Status.UNAUTHORIZED).entity(sb.toString()).type(MediaType.TEXT_PLAIN).build(); return Response.status(Status.FORBIDDEN).entity(sb.toString()).type(MediaType.TEXT_PLAIN).build();
} else if (ex instanceof StrolchNotAuthenticatedException) {
StrolchNotAuthenticatedException e = (StrolchNotAuthenticatedException) ex;
logger.error("User tried to access resource, but was not authenticated: " + ex.getMessage());
return Response.status(Status.UNAUTHORIZED).entity(e.getMessage()).type(MediaType.TEXT_PLAIN).build();
} }
return ResponseUtil.toResponse(ex); return ResponseUtil.toResponse(ex);