Author: fmeschbe
Date: Sun Jan 9 03:25:17 2011
New Revision: 1056878
URL: http://svn.apache.org/viewvc?rev=1056878&view=rev
Log:
FELIX-2768 Preset 403/FORBIDDEN response before calling
HttpContext.handleSecurity instead of sendError after handleSecurity. This
presets a sensible status if handleSecurity does not do it but does not
overwrite the handleSecurity response if handleSecurity does not flush the
buffer
Modified:
felix/trunk/http/base/src/main/java/org/apache/felix/http/base/internal/handler/ServletHandler.java
Modified:
felix/trunk/http/base/src/main/java/org/apache/felix/http/base/internal/handler/ServletHandler.java
URL:
http://svn.apache.org/viewvc/felix/trunk/http/base/src/main/java/org/apache/felix/http/base/internal/handler/ServletHandler.java?rev=1056878&r1=1056877&r2=1056878&view=diff
==============================================================================
---
felix/trunk/http/base/src/main/java/org/apache/felix/http/base/internal/handler/ServletHandler.java
(original)
+++
felix/trunk/http/base/src/main/java/org/apache/felix/http/base/internal/handler/ServletHandler.java
Sun Jan 9 03:25:17 2011
@@ -85,11 +85,14 @@ public final class ServletHandler
private void doHandle(HttpServletRequest req, HttpServletResponse res)
throws ServletException, IOException
{
- if (!getContext().handleSecurity(req, res)) {
- if (!res.isCommitted()) {
- res.sendError(HttpServletResponse.SC_FORBIDDEN);
- }
- } else {
+ // set a sensible status code in case handleSecurity returns false
+ // but fails to send a response
+ res.setStatus(HttpServletResponse.SC_FORBIDDEN);
+ if (getContext().handleSecurity(req, res))
+ {
+ // reset status to OK for further processing
+ res.setStatus(HttpServletResponse.SC_OK);
+
this.servlet.service(new ServletHandlerRequest(req, this.alias),
res);
}
}
