From 67c3c7f9a5646a8c883649e79a0cf6b6a8f0aeea Mon Sep 17 00:00:00 2001
From: prabathabey
Date: Fri, 12 Jun 2015 18:03:48 +0530
Subject: [PATCH] Fixing issues in handling requests that are not bound to an appropriate authenticator type
---
 .../framework/WebappAuthenticatorFrameworkValve.java | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)
diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/WebappAuthenticatorFrameworkValve.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/WebappAuthenticatorFrameworkValve.java
index dcfd51663d..d27116b8fe 100644
--- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/WebappAuthenticatorFrameworkValve.java
+++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/WebappAuthenticatorFrameworkValve.java
@@ -30,6 +30,7 @@ import javax.servlet.http.HttpServletResponse;
 public class WebappAuthenticatorFrameworkValve extends CarbonTomcatValve {
 private static final String AUTHENTICATION_SCHEME = "authentication-scheme";
+ private static final Log log = LogFactory.getLog(WebappAuthenticatorFrameworkValve.class);
 @Override
 public void invoke(Request request, Response response, CompositeValve compositeValve) {
@@ -40,7 +41,11 @@ public class WebappAuthenticatorFrameworkValve extends CarbonTomcatValve {
 return;
 }
 WebappAuthenticator authenticator = WebappAuthenticatorFactory.getAuthenticator(authScheme);
-
+ if (authenticator == null) {
+ String msg = "Failed to load an appropriate authenticator to authenticate the request";
+ AuthenticationFrameworkUtil.handleResponse(request, response, HttpServletResponse.SC_UNAUTHORIZED, msg);
+ return;
+ }
 WebappAuthenticator.Status status = authenticator.authenticate(request, response);
 this.processResponse(request, response, compositeValve, status);
 }
@@ -53,8 +58,9 @@ public class WebappAuthenticatorFrameworkValve extends CarbonTomcatValve {
 this.getNext().invoke(request, response, compositeValve);
 break;
 case FAILURE:
- AuthenticationFrameworkUtil.handleResponse(request, response, HttpServletResponse.SC_UNAUTHORIZED,
- "Failed to authorize the incoming request");
+ String msg = "Failed to authorize incoming request";
+ log.error(msg);
+ AuthenticationFrameworkUtil.handleResponse(request, response, HttpServletResponse.SC_UNAUTHORIZED, msg);
 break;
 }
 }
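Review bot: The new `authenticator == null` branch rejects the request without writing a log entry, although the FAILURE case in the third hunk now logs through the `log` field added in the first. A scheme with no registered authenticator looks like a deployment misconfiguration rather than a client error (where `authScheme` comes from is not visible here, because `invoke` starts above this hunk), so operators would only see unexplained 401s. I would add `log.warn("No authenticator registered for authentication scheme '" + authScheme + "'");` before the `handleResponse` call, stripping CR/LF from `authScheme` first if the request can influence it. Failing closed is the right behaviour; whether 401 or a 5xx is the better status depends on that same question.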
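Review bot: `log.error(msg)` in the FAILURE case records every rejected request at error level with a fixed string and no request context, so any unauthenticated client can fill the error log while the entries say nothing about what was rejected. A failed authentication is an expected event; `log.warn(msg + " [remote=" + request.getRemoteAddr() + "]");` would keep it out of error-level alerting and give detection something to correlate on (this assumes `Request` exposes the servlet request methods, which the hunk does not show). Credentials and raw header values should stay out of the entry. `String msg` is also declared directly under the `case` label, so it is scoped to the whole `switch`, which begins outside this hunk; wrapping the case body in braces avoids a clash if another case declares the same name.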