authorlresende <lresende@13f79535-47bb-0310-9956-ffa450edef68>2009-12-15 00:58:47 +0000
committerlresende <lresende@13f79535-47bb-0310-9956-ffa450edef68>2009-12-15 00:58:47 +0000
commite569f70dd1cc95ee8d30970389b718c529039261 (patch)
tree7aa918ed1b8909f2d827141de1b991ec56eb031b /sca-java-1.x/trunk/modules/binding-jsonrpc-runtime
parent4b42a1046edff7739d01f551704d5ad1112a7620 (diff)
TUSCANY-3389 - Providing different HTTP status codes depending on the authentication/authorization error: 401 when the user could not be authenticated, 403 when the user was authenticated but does not have the proper role to execute the operation
git-svn-id: http://svn.us.apache.org/repos/asf/tuscany@890591 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'sca-java-1.x/trunk/modules/binding-jsonrpc-runtime')
-rw-r--r--sca-java-1.x/trunk/modules/binding-jsonrpc-runtime/src/main/java/org/apache/tuscany/sca/binding/jsonrpc/provider/JSONRPCServiceServlet.java4
1 files changed, 3 insertions, 1 deletions
diff --git a/sca-java-1.x/trunk/modules/binding-jsonrpc-runtime/src/main/java/org/apache/tuscany/sca/binding/jsonrpc/provider/JSONRPCServiceServlet.java b/sca-java-1.x/trunk/modules/binding-jsonrpc-runtime/src/main/java/org/apache/tuscany/sca/binding/jsonrpc/provider/JSONRPCServiceServlet.java
index a6ccd195ae..346a51e5e7 100644
--- a/sca-java-1.x/trunk/modules/binding-jsonrpc-runtime/src/main/java/org/apache/tuscany/sca/binding/jsonrpc/provider/JSONRPCServiceServlet.java
+++ b/sca-java-1.x/trunk/modules/binding-jsonrpc-runtime/src/main/java/org/apache/tuscany/sca/binding/jsonrpc/provider/JSONRPCServiceServlet.java
@@ -97,7 +97,9 @@ public class JSONRPCServiceServlet extends JSONRPCServlet {
handleServiceRequest(request, response);
} catch(RuntimeException re) {
- if (re.getCause() instanceof javax.security.auth.login.LoginException) {
+ if (re.getCause() instanceof javax.security.auth.login.FailedLoginException) {
+ response.sendError(HttpServletResponse.SC_FORBIDDEN);
+ }else if (re.getCause() instanceof javax.security.auth.login.LoginException) {
response.setHeader("WWW-Authenticate", "BASIC realm=\"" + "ldap-realm" + "\"");
response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
}
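Review bot: The new first branch maps `FailedLoginException` to 403, but in JAAS that is the exception login modules raise when authentication itself fails (for example a wrong password), which the commit description says should produce 401. Unless the code that wraps the cause (not visible here) deliberately uses `FailedLoginException` to signal a missing role, a client sending bad credentials now gets 403 without a `WWW-Authenticate` challenge, and a real authorization failure may still come back as 401. I would either swap the two status codes or document the convention above the branch, e.g. `// FailedLoginException here means: authenticated, but not in the required role (thrown by <policy handler>)`. The catch block continues outside the hunk, so it cannot be checked from here whether a RuntimeException with any other cause is rethrown or logged rather than silently dropped.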