Take a look at this: https://github.com/apache/shiro/blob/trunk/web/src/main/java/org/apache/shiro/web/filter/authz/AuthorizationFilter.java#L106
By default it depends on how you have the filter configured (if you have an unauthorizedUrl) or not. Or in your case, maybe you always want to return a 401 On Tue, Jun 24, 2014 at 11:43 AM, evega <[email protected]> wrote: > I am working on a X509AuthenticationFilter which extends > AuthenticatingFilter. If there is a problem I want to return a 401 > Unauthorized. If I try the following I get a HTTP ERROR 500. Is there any > way to get it to return a 401? > > @Override > protected AuthenticationToken createToken(ServletRequest request, > ServletResponse response) throws Exception { > > > throw new UnauthenticatedException("DDDDDD"); > > > } > > > > -- > View this message in context: > http://shiro-user.582556.n2.nabble.com/Returning-401-Unauthorized-in-AuthenticatingFilter-tp7580044.html > Sent from the Shiro User mailing list archive at Nabble.com. >
