axis-java-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From hadd...@apache.org
Subject cvs commit: xml-axis/java/src/org/apache/axis/transport/http AxisServlet.java
Date Tue, 20 Aug 2002 04:57:13 GMT
haddadc     2002/08/19 21:57:13

  Modified:    java/src/org/apache/axis/transport/http AxisServlet.java
  Log:
  Properly craft Basic Auth challenge header when 401 (UnAuthorized) error is returned.  Fixes
bug #11763. Patch contributed by Giorgio Maone.
  
  Revision  Changes    Path
  1.137     +10 -4     xml-axis/java/src/org/apache/axis/transport/http/AxisServlet.java
  
  Index: AxisServlet.java
  ===================================================================
  RCS file: /home/cvs/xml-axis/java/src/org/apache/axis/transport/http/AxisServlet.java,v
  retrieving revision 1.136
  retrieving revision 1.137
  diff -u -r1.136 -r1.137
  --- AxisServlet.java	16 Aug 2002 19:28:02 -0000	1.136
  +++ AxisServlet.java	20 Aug 2002 04:57:13 -0000	1.137
  @@ -573,7 +573,11 @@
                   log.error(JavaUtils.getMessage("exception00"), e);
                   // It's been suggested that a lack of SOAPAction
                   // should produce some other error code (in the 400s)...
  -                res.setStatus(getHttpServletResponseStatus(e));
  +                int status = getHttpServletResponseStatus(e);
  +                if (status == HttpServletResponse.SC_UNAUTHORIZED)
  +                  res.setHeader("WWW-Authenticate","Basic realm=\"AXIS\"");
  +                  // TODO: less generic realm choice?
  +                res.setStatus(status);
                   responseMsg = new Message(e);
               } catch (Exception e) {
                   log.error(JavaUtils.getMessage("exception00"), e);
  @@ -620,9 +624,11 @@
       protected int getHttpServletResponseStatus(AxisFault af) {
           // TODO: Should really be doing this with explicit AxisFault
           // subclasses... --Glen
  -        return af.getFaultCode().getLocalPart().equals("Server.Unauthorized")
  -                ? HttpServletResponse.SC_UNAUTHORIZED
  -                : HttpServletResponse.SC_INTERNAL_SERVER_ERROR;
  +                return af.getFaultCode().getLocalPart().startsWith("Server.Unauth")
  +                         ? HttpServletResponse.SC_UNAUTHORIZED
  +                         : HttpServletResponse.SC_INTERNAL_SERVER_ERROR;
  +               // This will raise a 401 for both
  +               // "Unauthenticated" & "Unauthorized"...
       }
   
       /**
  
  
  

Mime
View raw message