You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@sling.apache.org by fm...@apache.org on 2008/01/18 15:07:25 UTC

svn commit: r613168 - /incubator/sling/trunk/sling/core/src/main/java/org/apache/sling/core/impl/auth/SlingAuthenticator.java

Author: fmeschbe
Date: Fri Jan 18 06:07:25 2008
New Revision: 613168

URL: http://svn.apache.org/viewvc?rev=613168&view=rev
Log:
SLING-4 Implement better status handling for different situations as proposed in the issue

Modified:
    incubator/sling/trunk/sling/core/src/main/java/org/apache/sling/core/impl/auth/SlingAuthenticator.java

Modified: incubator/sling/trunk/sling/core/src/main/java/org/apache/sling/core/impl/auth/SlingAuthenticator.java
URL: http://svn.apache.org/viewvc/incubator/sling/trunk/sling/core/src/main/java/org/apache/sling/core/impl/auth/SlingAuthenticator.java?rev=613168&r1=613167&r2=613168&view=diff
==============================================================================
--- incubator/sling/trunk/sling/core/src/main/java/org/apache/sling/core/impl/auth/SlingAuthenticator.java (original)
+++ incubator/sling/trunk/sling/core/src/main/java/org/apache/sling/core/impl/auth/SlingAuthenticator.java Fri Jan 18 06:07:25 2008
@@ -247,16 +247,41 @@
                 return true;
 
             } catch (TooManySessionsException se) {
-                log.info("Too many sessions for user: {}", se.getMessage());
+
+                // to many users, send a 503 Service Unavailable
+                log.info("authenticate: Too many sessions for user: {}",
+                    se.getMessage());
+
+                try {
+                    res.sendError(HttpServletResponse.SC_SERVICE_UNAVAILABLE,
+                        "Too Many Users");
+                } catch (IOException ioe) {
+                    log.error("authenticate: Cannot send status 503 to client",
+                        ioe);
+                }
+                
             } catch (LoginException e) {
-                log.info("Unable to authenticate: {}", e.getMessage());
+                
+                // request authentication information and send 403 (Forbidden)
+                // if no handler can request authentication information.
+                log.info("authenticate: Unable to authenticate: {}",
+                    e.getMessage());
+                requestAuthentication(req, res);
+
             } catch (RepositoryException re) {
-                log.error("Unable to authenticate", re);
+                
+                // general problem, send a 500 Internal Server Error
+                log.error("authenticate: Unable to authenticate", re);
+                
+                try {
+                    res.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR,
+                        "Data Access Failure");
+                } catch (IOException ioe) {
+                    log.error("authenticate: Cannot send status 500 to client",
+                        ioe);
+                }
+                
             }
-
-            // request authentication information and send 403 (Forbidden)
-            // if no handler can request authentication information.
-            requestAuthentication(req, res);
 
             // end request
             return false;