From 0736bfd7a02c1c3991be475fae5f70607bf3070f Mon Sep 17 00:00:00 2001 From: Vitaly Takmazov Date: Thu, 19 Jan 2017 23:11:46 +0300 Subject: juick-api: unauthorized response must be 401 --- .../juick/api/configuration/ApiSecurityConfig.java | 6 +++--- .../ForbiddenStatusAuthenticationEntryPoint.java | 20 -------------------- .../NotAuthorizedAuthenticationEntryPoint.java | 20 ++++++++++++++++++++ 3 files changed, 23 insertions(+), 23 deletions(-) delete mode 100644 juick-server/src/main/java/com/juick/server/security/ForbiddenStatusAuthenticationEntryPoint.java create mode 100644 juick-server/src/main/java/com/juick/server/security/NotAuthorizedAuthenticationEntryPoint.java diff --git a/juick-api/src/main/java/com/juick/api/configuration/ApiSecurityConfig.java b/juick-api/src/main/java/com/juick/api/configuration/ApiSecurityConfig.java index 2d3540ab..48d79e27 100644 --- a/juick-api/src/main/java/com/juick/api/configuration/ApiSecurityConfig.java +++ b/juick-api/src/main/java/com/juick/api/configuration/ApiSecurityConfig.java @@ -1,6 +1,6 @@ package com.juick.api.configuration; -import com.juick.server.security.ForbiddenStatusAuthenticationEntryPoint; +import com.juick.server.security.NotAuthorizedAuthenticationEntryPoint; import com.juick.service.UserService; import com.juick.service.security.JuickUserDetailsService; import com.juick.service.security.deprecated.RequestParamHashRememberMeServices; @@ -82,8 +82,8 @@ public class ApiSecurityConfig extends WebSecurityConfigurerAdapter { } @Bean - public ForbiddenStatusAuthenticationEntryPoint getJuickAuthenticationEntryPoint() { - return new ForbiddenStatusAuthenticationEntryPoint(); + public NotAuthorizedAuthenticationEntryPoint getJuickAuthenticationEntryPoint() { + return new NotAuthorizedAuthenticationEntryPoint(); } @Bean diff --git a/juick-server/src/main/java/com/juick/server/security/ForbiddenStatusAuthenticationEntryPoint.java b/juick-server/src/main/java/com/juick/server/security/ForbiddenStatusAuthenticationEntryPoint.java deleted file mode 100644 index 92b206dd..00000000 --- a/juick-server/src/main/java/com/juick/server/security/ForbiddenStatusAuthenticationEntryPoint.java +++ /dev/null @@ -1,20 +0,0 @@ -package com.juick.server.security; - -import org.springframework.security.core.AuthenticationException; -import org.springframework.security.web.AuthenticationEntryPoint; - -import javax.servlet.ServletException; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import java.io.IOException; - -/** - * Created by vitalyster on 25.11.2016. - */ -public class ForbiddenStatusAuthenticationEntryPoint implements AuthenticationEntryPoint { - @Override - public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authException) - throws IOException, ServletException { - response.setStatus(HttpServletResponse.SC_FORBIDDEN); - } -} diff --git a/juick-server/src/main/java/com/juick/server/security/NotAuthorizedAuthenticationEntryPoint.java b/juick-server/src/main/java/com/juick/server/security/NotAuthorizedAuthenticationEntryPoint.java new file mode 100644 index 00000000..d9dc6d61 --- /dev/null +++ b/juick-server/src/main/java/com/juick/server/security/NotAuthorizedAuthenticationEntryPoint.java @@ -0,0 +1,20 @@ +package com.juick.server.security; + +import org.springframework.security.core.AuthenticationException; +import org.springframework.security.web.AuthenticationEntryPoint; + +import javax.servlet.ServletException; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import java.io.IOException; + +/** + * Created by vitalyster on 25.11.2016. + */ +public class NotAuthorizedAuthenticationEntryPoint implements AuthenticationEntryPoint { + @Override + public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authException) + throws IOException, ServletException { + response.setStatus(HttpServletResponse.SC_UNAUTHORIZED); + } +} -- cgit v1.2.3