Merge pull request #1611 from raehalme/KEYCLOAK-1829
KEYCLOAK-1829 unsuccessfulAuthentication now returns HTTP response status 401 instead of 403
This commit is contained in:
commit
0ba6ab198a
2 changed files with 4 additions and 4 deletions
|
@ -190,12 +190,12 @@ public class KeycloakAuthenticationProcessingFilter extends AbstractAuthenticati
|
|||
|
||||
if (this.isBearerTokenRequest(request)) {
|
||||
SecurityContextHolder.clearContext();
|
||||
response.sendError(HttpServletResponse.SC_FORBIDDEN, "Unable to authenticate bearer token");
|
||||
response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Unable to authenticate bearer token");
|
||||
return;
|
||||
}
|
||||
else if (this.isBasicAuthRequest(request)) {
|
||||
SecurityContextHolder.clearContext();
|
||||
response.sendError(HttpServletResponse.SC_FORBIDDEN, "Unable to authenticate with basic authentication");
|
||||
response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Unable to authenticate with basic authentication");
|
||||
return;
|
||||
}
|
||||
|
||||
|
|
|
@ -148,7 +148,7 @@ public class KeycloakAuthenticationProcessingFilterTest {
|
|||
AuthenticationException exception = new BadCredentialsException("OOPS");
|
||||
this.setBearerAuthHeader(request);
|
||||
filter.unsuccessfulAuthentication(request, response, exception);
|
||||
verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), anyString());
|
||||
verify(response).sendError(eq(HttpServletResponse.SC_UNAUTHORIZED), anyString());
|
||||
verify(failureHandler, never()).onAuthenticationFailure(any(HttpServletRequest.class), any(HttpServletResponse.class),
|
||||
any(AuthenticationException.class));
|
||||
}
|
||||
|
@ -158,7 +158,7 @@ public class KeycloakAuthenticationProcessingFilterTest {
|
|||
AuthenticationException exception = new BadCredentialsException("OOPS");
|
||||
this.setBasicAuthHeader(request);
|
||||
filter.unsuccessfulAuthentication(request, response, exception);
|
||||
verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), anyString());
|
||||
verify(response).sendError(eq(HttpServletResponse.SC_UNAUTHORIZED), anyString());
|
||||
verify(failureHandler, never()).onAuthenticationFailure(any(HttpServletRequest.class), any(HttpServletResponse.class),
|
||||
any(AuthenticationException.class));
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue