Separated the error message for Bearer token and Basic authentication failures.

Thomas Raehalme 2015-08-17 22:36:59 +03:00
parent b3f142d715
commit 3a4897c7d2


@ -188,9 +188,14 @@ public class KeycloakAuthenticationProcessingFilter extends AbstractAuthenticati
protected void unsuccessfulAuthentication(HttpServletRequest request, HttpServletResponse response,
AuthenticationException failed) throws IOException, ServletException {
if (this.isBearerTokenRequest(request) || this.isBasicAuthRequest(request)) {
if (this.isBearerTokenRequest(request)) {
SecurityContextHolder.clearContext();
response.sendError(HttpServletResponse.SC_FORBIDDEN, "Unable to authenticate bearer token/basic authentication");
response.sendError(HttpServletResponse.SC_FORBIDDEN, "Unable to authenticate bearer token");
return;
}
else if (this.isBasicAuthRequest(request)) {
SecurityContextHolder.clearContext();
response.sendError(HttpServletResponse.SC_FORBIDDEN, "Unable to authenticate with basic authentication");
return;
}