[
https://issues.apache.org/jira/browse/JENA-990?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14632776#comment-14632776
]
Andy Seaborne commented on JENA-990:
------------------------------------
> If Fuseki is going to respond to them distinctly
That's a rather big "if". All Fuseki can do is 401 or 403, together with
passing authentication tokens downwards. It is not going to be sensitive to
the kind of operation (if it were, it would be a security framework itself). It
needs to be told whether to engage in HTTP authentication and make the outcomes
accessible.
> rename the UpdateDeniedException
> ---------------------------------
>
> Key: JENA-990
> URL: https://issues.apache.org/jira/browse/JENA-990
> Project: Apache Jena
> Issue Type: Improvement
> Components: Core
> Affects Versions: Jena 3.0.0
> Reporter: Claude Warren
> Assignee: Claude Warren
> Priority: Minor
>
> As noted in a discussion on the dev list between myself and Andy this update
> is to rename the current UpdateDeniedException to AccessDeniedException and
> extend it from a newly created OperationDeniedException.
> AddDeniedException and DeleteDeniedException will extend
> AccessDeniedException.
> jena-permissions will extend AccessDeniedException to create:
> ReadDeniedException -- for read restrictions
> UpdateDeniedException -- for update restrictions (modifying triples that
> already exists as opposed to adding new triples)
> This will allow Fuskei to properly respond to the case where jena-permissions
> is in place and there are update restrictions in place. Currently Fuseki
> returns this as a 500 error. Once we have a common permission denied
> exception we can return either authentication required or access denied as
> appropriate.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
