Hi
Hi,
in my service implementation I'm injecting the HttpServletResponse with the
@Context annotation:
@POST
@Path("/login")
public Feed login(@PathParam("username") String username,
@PathParam("password") String password,
@Context HttpServletResponse httpServletResponse)
and than I set the 401 status code when the user is not authorized. The
problem is that the status code is than overwritten in the
AbstractHTTPDestination class during the headers flushing:
Integer i = (Integer)outMessage.get(Message.RESPONSE_CODE);
if (i != null) {
int status = i.intValue();
... ... ...
response.setStatus(status);
is this the expected behaviour or is this a bug?
It is a bug. The injected HttpServletResponse will detect if the data have been already written to the output stream, but the status
is lost.
One option is to return a status from a custom ResponseFilter; starting from 2.2.4 you can have contexts like UriInfo injected into
filters, so you can get the username/password values easily enough (assuming you'd like to keep them in the uri) so from the filter
you can just do
return Response.status(403).build().
cheers, Sergey
Thanks in advance,
Vincenzo.
