From 4faa78799a947b7c06db6835ac25c0954e102c5a Mon Sep 17 00:00:00 2001
From: Abhishek Koneru
Date: Wed, 21 Nov 2012 18:45:32 -0500
Subject: Ticket 191 - Mapping HTTP Exception to their proper HTTP error codes
---
 .../src/com/netscape/certsrv/acls/ACLInterceptor.java | 17 ++++++++---------
 1 file changed, 8 insertions(+), 9 deletions(-)
(limited to 'base/common/src/com/netscape/certsrv/acls/ACLInterceptor.java')
diff --git a/base/common/src/com/netscape/certsrv/acls/ACLInterceptor.java b/base/common/src/com/netscape/certsrv/acls/ACLInterceptor.java
index bcb0b80a2..c30740260 100644
--- a/base/common/src/com/netscape/certsrv/acls/ACLInterceptor.java
+++ b/base/common/src/com/netscape/certsrv/acls/ACLInterceptor.java
@@ -24,9 +24,7 @@ import java.security.Principal;
 import java.util.Properties;
 import javax.servlet.ServletContext;
-import javax.ws.rs.WebApplicationException;
 import javax.ws.rs.core.Context;
-import javax.ws.rs.core.Response;
 import javax.ws.rs.core.SecurityContext;
 import javax.ws.rs.ext.Provider;
@@ -44,6 +42,7 @@ import com.netscape.certsrv.authorization.AuthzToken;
 import com.netscape.certsrv.authorization.EAuthzAccessDenied;
 import com.netscape.certsrv.authorization.IAuthzSubsystem;
 import com.netscape.certsrv.base.EBaseException;
+import com.netscape.certsrv.base.ForbiddenException;
 import com.netscape.cmscore.realm.PKIPrincipal;
@@ -76,7 +75,7 @@ public class ACLInterceptor implements PreProcessInterceptor {
 public ServerResponse preProcess(
 HttpRequest request,
 ResourceMethod resourceMethod
- ) throws Failure, WebApplicationException {
+ ) throws Failure, ForbiddenException {
 // Get ACL mapping for the method.
 Method method = resourceMethod.getMethod();
@@ -95,12 +94,12 @@ public class ACLInterceptor implements PreProcessInterceptor {
 // If unauthenticated, reject request.
 if (principal == null) {
- throw new WebApplicationException(Response.Status.FORBIDDEN);
+ throw new ForbiddenException("No user principal provided.");
 }
 // If unrecognized principal, reject request.
 if (!(principal instanceof PKIPrincipal)) {
- throw new WebApplicationException(Response.Status.FORBIDDEN);
+ throw new ForbiddenException("Invalid user principal");
 }
 PKIPrincipal pkiPrincipal = (PKIPrincipal)principal;
@@ -108,7 +107,7 @@ public class ACLInterceptor implements PreProcessInterceptor {
 // If missing auth token, reject request.
 if (authToken == null) {
- throw new WebApplicationException(Response.Status.FORBIDDEN);
+ throw new ForbiddenException("No authorization token present.");
 }
 try {
@@ -124,7 +123,7 @@ public class ACLInterceptor implements PreProcessInterceptor {
 // If invalid mapping, reject request.
 if (values.length != 2) {
- throw new WebApplicationException(Response.Status.FORBIDDEN);
+ throw new ForbiddenException("Invalid ACL mapping.");
 }
 // Check authorization.
@@ -137,11 +136,11 @@ public class ACLInterceptor implements PreProcessInterceptor {
 // If not authorized, reject request.
 if (authzToken == null) {
- throw new WebApplicationException(Response.Status.FORBIDDEN);
+ throw new ForbiddenException("No authorization token present.");
 }
 } catch (EAuthzAccessDenied e) {
- throw new WebApplicationException(Response.Status.FORBIDDEN);
+ throw new ForbiddenException(e.toString());
 } catch (IOException|EBaseException e) {
 e.printStackTrace();
-- cgit
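Review bot: The `principal == null` branch is labelled by its own comment as the unauthenticated case, yet it still answers with a 403 through `ForbiddenException("No user principal provided.")`; for a commit about mapping to proper HTTP codes, 401 is the status that tells a client to authenticate, while 403 says the identity is known and refused. If the project has or adds a 401-mapped exception this is the place for it; otherwise a comment such as `// 403 rather than 401 on purpose: no authentication challenge is issued here` would record the decision. The two branches also now carry different messages ("No user principal provided." and "Invalid user principal", the latter without the trailing period), which is inconsistent in style and, assuming the message reaches the response body, tells an unauthenticated caller which check failed. The enclosing preProcess body starts and ends outside this hunk.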
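Review bot: The message on the `authToken == null` branch, "No authorization token present.", is the same string used for `authzToken == null` in the `-137,11` hunk, so the two failures cannot be told apart in a log or a response. The comment here says "missing auth token" and the later one says "not authorized"; assuming `authToken` is the authentication token taken from the principal (its assignment is outside this hunk), `throw new ForbiddenException("No authentication token present.");` here and `throw new ForbiddenException("Authorization denied.");` there would match what each check actually tests.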
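Review bot: `values.length != 2` describes a malformed entry in the server's own ACL mapping rather than anything the caller did, and the new `ForbiddenException("Invalid ACL mapping.")` leaves no server-side trace of which mapping was bad. Failing closed is the right outcome, but an operator will only see unexplained 403s; logging the offending mapping before the throw would make the misconfiguration findable. If the exception message is returned to the client, a generic text is preferable to one that describes internal configuration state. The `try` block this check sits in opens and closes outside the hunk.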
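Review bot: `throw new ForbiddenException(e.toString())` in the `EAuthzAccessDenied` handler copies the internal exception's class name and message into the exception that produces the 403, and does not chain the original as a cause. If ForbiddenException's message is serialized into the response (not visible here), a denied caller learns whatever the authorization subsystem put in that text; a fixed message, `throw new ForbiddenException("Authorization denied.");`, with the detail logged server-side, avoids that. The following `catch (IOException|EBaseException e)` is untouched by this commit and shows only `e.printStackTrace();` before the hunk ends, so it is worth confirming that the code after it rejects the request rather than letting it continue when the authorization check itself fails.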