From 67c3c7f9a5646a8c883649e79a0cf6b6a8f0aeea Mon Sep 17 00:00:00 2001 From: prabathabey Date: Fri, 12 Jun 2015 18:03:48 +0530 Subject: [PATCH] Fixing issues in handling requests that are not bound to an appropriate authenticator type --- .../framework/WebappAuthenticatorFrameworkValve.java | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/WebappAuthenticatorFrameworkValve.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/WebappAuthenticatorFrameworkValve.java index dcfd51663df..d27116b8fea 100644 --- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/WebappAuthenticatorFrameworkValve.java +++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/WebappAuthenticatorFrameworkValve.java @@ -30,6 +30,7 @@ import javax.servlet.http.HttpServletResponse; public class WebappAuthenticatorFrameworkValve extends CarbonTomcatValve { private static final String AUTHENTICATION_SCHEME = "authentication-scheme"; + private static final Log log = LogFactory.getLog(WebappAuthenticatorFrameworkValve.class); @Override public void invoke(Request request, Response response, CompositeValve compositeValve) { @@ -40,7 +41,11 @@ public class WebappAuthenticatorFrameworkValve extends CarbonTomcatValve { return; } WebappAuthenticator authenticator = WebappAuthenticatorFactory.getAuthenticator(authScheme); - + if (authenticator == null) { + String msg = "Failed to load an appropriate authenticator to authenticate the request"; + AuthenticationFrameworkUtil.handleResponse(request, response, HttpServletResponse.SC_UNAUTHORIZED, msg); + return; + } WebappAuthenticator.Status status = authenticator.authenticate(request, response); this.processResponse(request, response, compositeValve, status); } @@ -53,8 +58,9 @@ public class WebappAuthenticatorFrameworkValve extends CarbonTomcatValve { this.getNext().invoke(request, response, compositeValve); break; case FAILURE: - AuthenticationFrameworkUtil.handleResponse(request, response, HttpServletResponse.SC_UNAUTHORIZED, - "Failed to authorize the incoming request"); + String msg = "Failed to authorize incoming request"; + log.error(msg); + AuthenticationFrameworkUtil.handleResponse(request, response, HttpServletResponse.SC_UNAUTHORIZED, msg); break; } }