You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@stratos.apache.org by ud...@apache.org on 2015/05/31 16:14:34 UTC

stratos git commit: forbid access to metadata service when Authorization token is emapty

Repository: stratos
Updated Branches:
  refs/heads/master 54fc2e13d -> 02f9f530b


forbid access to metadata service when Authorization token is emapty


Project: http://git-wip-us.apache.org/repos/asf/stratos/repo
Commit: http://git-wip-us.apache.org/repos/asf/stratos/commit/02f9f530
Tree: http://git-wip-us.apache.org/repos/asf/stratos/tree/02f9f530
Diff: http://git-wip-us.apache.org/repos/asf/stratos/diff/02f9f530

Branch: refs/heads/master
Commit: 02f9f530ba4bfffb4bdc40b4ff75d1e61b44df03
Parents: 54fc2e1
Author: Udara Liyanage <ud...@wso2.com>
Authored: Sun May 31 19:44:06 2015 +0530
Committer: Udara Liyanage <ud...@wso2.com>
Committed: Sun May 31 19:44:06 2015 +0530

----------------------------------------------------------------------
 .../org/apache/stratos/metadata/service/handlers/OAuthHandler.java | 2 ++
 1 file changed, 2 insertions(+)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/stratos/blob/02f9f530/components/org.apache.stratos.metadata.service/src/main/java/org/apache/stratos/metadata/service/handlers/OAuthHandler.java
----------------------------------------------------------------------
diff --git a/components/org.apache.stratos.metadata.service/src/main/java/org/apache/stratos/metadata/service/handlers/OAuthHandler.java b/components/org.apache.stratos.metadata.service/src/main/java/org/apache/stratos/metadata/service/handlers/OAuthHandler.java
index 1d3379f..97a9039 100644
--- a/components/org.apache.stratos.metadata.service/src/main/java/org/apache/stratos/metadata/service/handlers/OAuthHandler.java
+++ b/components/org.apache.stratos.metadata.service/src/main/java/org/apache/stratos/metadata/service/handlers/OAuthHandler.java
@@ -93,6 +93,8 @@ public class OAuthHandler extends AbstractAuthenticationAuthorizationHandler {
                 if (!valid) {
                     return Response.status(Response.Status.FORBIDDEN).build();
                 }
+            }else{
+                return Response.status(Response.Status.FORBIDDEN).build();
             }
         } catch (Exception e) {
             log.error("Error while validating access token", e);