knox git commit: KNOX-1210 - Update response code from 403 to 401 for token validation failures (for XHR request)

Wed, 21 Mar 2018 08:49:01 -0700 

Repository: knox
Updated Branches:
  refs/heads/master 9fd0be126 -> ee55e06fc


KNOX-1210 - Update response code from 403 to 401 for token validation failures 
(for XHR request)


Project: http://git-wip-us.apache.org/repos/asf/knox/repo
Commit: http://git-wip-us.apache.org/repos/asf/knox/commit/ee55e06f
Tree: http://git-wip-us.apache.org/repos/asf/knox/tree/ee55e06f
Diff: http://git-wip-us.apache.org/repos/asf/knox/diff/ee55e06f

Branch: refs/heads/master
Commit: ee55e06fcf58c98959afab774fd891f1d9fa49ad
Parents: 9fd0be1
Author: Sandeep More <[email protected]>
Authored: Wed Mar 21 11:48:40 2018 -0400
Committer: Sandeep More <[email protected]>
Committed: Wed Mar 21 11:48:40 2018 -0400

----------------------------------------------------------------------
 .../provider/federation/jwt/filter/SSOCookieFederationFilter.java  | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/knox/blob/ee55e06f/gateway-provider-security-jwt/src/main/java/org/apache/knox/gateway/provider/federation/jwt/filter/SSOCookieFederationFilter.java
----------------------------------------------------------------------
diff --git 
a/gateway-provider-security-jwt/src/main/java/org/apache/knox/gateway/provider/federation/jwt/filter/SSOCookieFederationFilter.java
 
b/gateway-provider-security-jwt/src/main/java/org/apache/knox/gateway/provider/federation/jwt/filter/SSOCookieFederationFilter.java
index 21f5641..1a43e3a 100644
--- 
a/gateway-provider-security-jwt/src/main/java/org/apache/knox/gateway/provider/federation/jwt/filter/SSOCookieFederationFilter.java
+++ 
b/gateway-provider-security-jwt/src/main/java/org/apache/knox/gateway/provider/federation/jwt/filter/SSOCookieFederationFilter.java
@@ -128,7 +128,7 @@ public class SSOCookieFederationFilter extends 
AbstractJWTFilter {
     if (request.getHeader(XHR_HEADER) != null && request.getHeader(XHR_HEADER)
         .equalsIgnoreCase(XHR_VALUE)) {
       final byte[] data = error.getBytes("UTF-8");
-      response.setStatus(HttpServletResponse.SC_FORBIDDEN);
+      response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
       response.setContentType(MimeTypes.Type.TEXT_PLAIN.toString());
       response.setContentLength(data.length);
       response.getOutputStream().write(data);

Reply via email to