You could try doing a: message.put(Message.RESPONSE_CODE, 401)
I’m not sure this will work though. Maybe doing that on the Fault chain someplace would work better. Not sure. This isn’t “easy” to achieve as the SOAP spec mandates that soap faults always use a response code 500 so we may be overriding various settings if SOAP is used. Another option would be to make your AuthenticationException subclass CXF’s Fault class. (or wrapper your AuthenticationException in a Fault). The Fault class has a setStatusCode method on it to hold the status code that should be sent back with that fault. Dan On May 8, 2014, at 9:15 PM, Paul Avijit <[email protected]> wrote: > Hi, > > I have a CXF JAX-WS service where custom authentication and authorization is > done using a class, SoapAuthInterceptor which extends > AbstractPhaseInterceptor<Message>. > > When authentication fails I want to set HTTP Response code 401 and when > authorization fails I want to set HTTP Response code 403. > > In the method handleMessage(Message message) of SoapAuthInterceptor I have > tried the following but it still only send response code 500. > > If (Authorization fails) > { > HttpServletResponse httpServletResponse = > (HttpServletResponse)message.get("HTTP.RESPONSE"); > httpServletResponse.addHeader("Response-Code", "403"); > message.put("HTTP.RESPONSE", httpServletResponse); > > throw new AuthenticationException("Forbidden 403"); // This goes as SOAP > Fault in the response > } > > Is there a way to set HTTP response code in this case. Please help. > > Thanks in advance. > > Regards > Paul -- Daniel Kulp [email protected] - http://dankulp.com/blog Talend Community Coder - http://coders.talend.com
