cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cschnei...@apache.org
Subject cxf git commit: CXF-6206 Adding an interceptor to create 401 response
Date Wed, 21 Jan 2015 08:59:43 GMT
Repository: cxf
Updated Branches:
  refs/heads/master c584e44a3 -> c9fc8344c


CXF-6206 Adding an interceptor to create 401 response


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/c9fc8344
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/c9fc8344
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/c9fc8344

Branch: refs/heads/master
Commit: c9fc8344cbace9fc21f36dc64b0fb33a26531bc6
Parents: c584e44
Author: Christian Schneider <chris@die-schneider.net>
Authored: Wed Jan 21 09:59:38 2015 +0100
Committer: Christian Schneider <chris@die-schneider.net>
Committed: Wed Jan 21 09:59:38 2015 +0100

----------------------------------------------------------------------
 .../http/HttpAuthenticationFaultHandler.java    | 75 ++++++++++++++++++++
 1 file changed, 75 insertions(+)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/c9fc8344/rt/transports/http/src/main/java/org/apache/cxf/transport/http/HttpAuthenticationFaultHandler.java
----------------------------------------------------------------------
diff --git a/rt/transports/http/src/main/java/org/apache/cxf/transport/http/HttpAuthenticationFaultHandler.java
b/rt/transports/http/src/main/java/org/apache/cxf/transport/http/HttpAuthenticationFaultHandler.java
new file mode 100644
index 0000000..3167669
--- /dev/null
+++ b/rt/transports/http/src/main/java/org/apache/cxf/transport/http/HttpAuthenticationFaultHandler.java
@@ -0,0 +1,75 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.transport.http;
+
+import java.io.IOException;
+
+import javax.servlet.http.HttpServletResponse;
+
+import org.apache.cxf.interceptor.Fault;
+import org.apache.cxf.interceptor.security.AuthenticationException;
+import org.apache.cxf.message.Message;
+import org.apache.cxf.phase.AbstractPhaseInterceptor;
+import org.apache.cxf.phase.Phase;
+
+/**
+ * Translates an AuthenticationException into a 401 response
+ */
+public class HttpAuthenticationFaultHandler extends AbstractPhaseInterceptor<Message>
{
+    String authenticationType;
+    String realm;
+    
+    public HttpAuthenticationFaultHandler() {
+        super(Phase.UNMARSHAL);
+        this.authenticationType = "Basic";
+        this.realm = "CXF service";
+    }
+    
+    @Override
+    public void handleMessage(Message message) throws Fault {
+        // Nothing
+    }
+
+    @Override
+    public void handleFault(Message message) {
+        Exception ex = message.getContent(Exception.class);
+        if (ex instanceof AuthenticationException) {
+            HttpServletResponse resp = (HttpServletResponse)message.getExchange()
+                .getInMessage().get(AbstractHTTPDestination.HTTP_RESPONSE);
+            resp.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
+            resp.setHeader("WWW-Authenticate", authenticationType + " realm=\"" + realm +
"\"");
+            resp.setContentType("text/plain");
+            try {
+                resp.getWriter().write(ex.getMessage());
+                resp.getWriter().flush();
+                message.getInterceptorChain().abort();
+            } catch (IOException e) {
+                // TODO
+            }
+        }
+    }
+
+    public void setAuthenticationType(String authenticationType) {
+        this.authenticationType = authenticationType;
+    }
+    
+    public void setRealm(String realm) {
+        this.realm = realm;
+    }
+}


Mime
View raw message