On Tue, Mar 2, 2010 at 4:35 PM, Ruchith Fernando <[email protected] > wrote:
> Hi, > > I think you will have to add a handler to detect a failure in > authentication and then send the error code, if you need it to be > if the username token fails, why rampart can not set the http code as 401? thanks, Amila. > something other than the default. > > Thanks, > Ruchith > > On Tue, Mar 2, 2010 at 3:16 AM, Ansgar Berhorn <[email protected]> > wrote: > > Hello mailing list, > > > > I have a web service using Axis2 (tested both in 1.4.1 and 1.5.1) with > > Rampart for the security. > > > > When authentication fails, Axis2 will throw an exception internally and > > respond with http status 200. > > > > Is there a way to configure Axis2 or Rampart to responds properly with a > 401 > > (Unauthorized)? Maybe somebody can give a hint what/where to look for? I > > looked through all the Axis2 examples did not find any hint. > > > > <parameter name="InflowSecurity"> > > <action> > > <items>UsernameToken</items> > > <passwordCallbackClass> > > com.some.organisation.PasswordHandler > > </passwordCallbackClass> > > </action> > > </parameter> > > > > The PasswordHandler throws a > > > > WSSecurityException(WSSecurityException.FAILED_AUTHENTICATION) > > > > What is the way to make my service respond with a 401 instead of a 200? > > > > Thanks for any hints in advance! > > > > Regards, > > Ansgar Berhorn > > > > > > -- > http://ruchith.org > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] > > -- Amila Suriarachchi WSO2 Inc. blog: http://amilachinthaka.blogspot.com/
