Hi,
I have a CXF JAX-WS service where custom authentication and authorization is
done using a class, SoapAuthInterceptor which extends
AbstractPhaseInterceptor<Message>.
When authentication fails I want to set HTTP Response code 401 and when
authorization fails I want to set HTTP Response code 403.
In the method handleMessage(Message message) of SoapAuthInterceptor I have
tried the following but it still only send response code 500.
If (Authorization fails)
{
HttpServletResponse httpServletResponse =
(HttpServletResponse)message.get("HTTP.RESPONSE");
httpServletResponse.addHeader("Response-Code", "403");
message.put("HTTP.RESPONSE", httpServletResponse);
throw new AuthenticationException("Forbidden 403"); // This goes as SOAP Fault
in the response
}
Is there a way to set HTTP response code in this case. Please help.
Thanks in advance.
Regards
Paul
