Re: Guard, authenticate failure, HTTP 401

[Thierry Boileau]

Hello Diego, I send you my sample code. I receive 401 status code when the authentication fails.   Best regards, Thierry Boileau -- Restlet ~ Core developer ~ http://www.restlet.org Noelios Technologies ~ Co-founder ~ http://www.noelios.com Hi Stephan, Thierry, Thanks for the answers, but.. er.. I'm using 1.1.1 fresh from maven repo. Sources pulled from there too. And I am overriding the forbid method, which in 1.1.1 returns CLIENT_ERROR_FORBIDDEN. Check here: http://restlet.tigris.org/source/browse/restlet/tags/1.1/1.1.1/modules/org.restlet/src/org/restlet/Guard.java?rev=3933&view=markup br, Diego Thierry Boileau wrote: Hello Diego, I suppose you are running with Restlet 1.0, since Restlet 1.1 behaves differently (returns 401 status). We think that this behaviour won't be changed in the future. Thus, we kindly encourage you to use Restlet 1.1 or create a subclass and override the "forbid" method (which sets the 403 status). Best regards, Thierry Boileau -- Restlet ~ Core developer ~ http://www.restlet.org <http://www.restlet.org/> Noelios Technologies ~ Co-founder ~ http://www.noelios.com <http://www.noelios.com/> Hello, By default Guard returns 403 (forbidden) if authentication fails? Shouldn't it be 401? 401: The request requires user authentication 403: request, but is refusing to fulfill it as it could be explained in the entity. br, DIego

package testGuard;

import org.restlet.Application;
import org.restlet.Client;
import org.restlet.Component;
import org.restlet.Guard;
import org.restlet.Restlet;
import org.restlet.data.ChallengeResponse;
import org.restlet.data.ChallengeScheme;
import org.restlet.data.MediaType;
import org.restlet.data.Method;
import org.restlet.data.Protocol;
import org.restlet.data.Request;
import org.restlet.data.Response;

public class TestApplication {

    public static void main(String[] args) throws Exception {
        Component component = new Component();
        component.getServers().add(Protocol.HTTP, 8182);

        Application application = new Application(component.getContext()) {
            @Override
            public Restlet createRoot() {
                Restlet restlet = new Restlet(getContext()) {
                    @Override
                    public void handle(Request request, Response response) {
                        response
                                .setEntity("hello, world", MediaType.TEXT_PLAIN);
                    }
                };

                Guard guard = new Guard(getContext(),
                        ChallengeScheme.HTTP_BASIC, "test");
                guard.getSecrets().put("login", "password".toCharArray());
                guard.setNext(restlet);
                return guard;
            }
        };

        component.getDefaultHost().attach(application);
        component.start();

        Request request = new Request(Method.GET, "http://localhost:8182/";);
        Client client = new Client(Protocol.HTTP);
        Response response = client.handle(request);
        System.err.println("*******" + response.getStatus());

        ChallengeResponse cr = new ChallengeResponse(
                ChallengeScheme.HTTP_BASIC, "logine", "password");
        request.setChallengeResponse(cr);
        response = client.handle(request);
        System.err.println("*******" + response.getStatus());

        cr = new ChallengeResponse(ChallengeScheme.HTTP_BASIC, "login",
                "password");
        request.setChallengeResponse(cr);
        response = client.handle(request);
        System.err.println("*******" + response.getStatus());
        component.stop();
    }

}