libre.sh/keycloak-scim
3
0
Fork 0
Code Issues 15 Pull requests Releases 1 Packages Activity Actions

Set headers before calling sendError() method

Browse source 
Closes #23325
This commit is contained in:
Emilien Bondu 2023-09-18 15:50:00 +02:00 committed by Pedro Igor
parent c2fc2c2b03
commit 95a45f0910
1 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
authz/policy-enforcer/src/main/java/org/keycloak/adapters/authorization/PolicyEnforcer.java
View file

@ -337,9 +337,9 @@ public class PolicyEnforcer {
String ticket = getPermissionTicket(pathConfig, methodConfig, authzClient, request); String ticket = getPermissionTicket(pathConfig, methodConfig, authzClient, request);
if (ticket != null) { if (ticket != null) {
response.sendError(401);
response.setHeader("WWW-Authenticate", new StringBuilder("UMA realm=\"").append(authzClient.getConfiguration().getRealm()).append("\"").append(",as_uri=\"") response.setHeader("WWW-Authenticate", new StringBuilder("UMA realm=\"").append(authzClient.getConfiguration().getRealm()).append("\"").append(",as_uri=\"")
.append(authzClient.getServerConfiguration().getIssuer()).append("\"").append(",ticket=\"").append(ticket).append("\"").toString()); .append(authzClient.getServerConfiguration().getIssuer()).append("\"").append(",ticket=\"").append(ticket).append("\"").toString());
response.sendError(401);
} else { } else {
response.sendError(403); response.sendError(403);
} }
@ -360,8 +360,8 @@ public class PolicyEnforcer {
String accessDeniedPath = enforcerConfig.getOnDenyRedirectTo(); String accessDeniedPath = enforcerConfig.getOnDenyRedirectTo();
if (accessDeniedPath != null) { if (accessDeniedPath != null) {
response.sendError(302);
response.setHeader("Location", accessDeniedPath); response.setHeader("Location", accessDeniedPath);
response.sendError(302);
} else { } else {
response.sendError(403); response.sendError(403);
} }