You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@sling.apache.org by "Carsten Ziegeler (Jira)" <ji...@apache.org> on 2023/04/14 07:50:00 UTC

[jira] [Resolved] (SLING-2776) A POST that runs into an AccessDeniedException returns a 500 instead of a 403

     [ https://issues.apache.org/jira/browse/SLING-2776?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Carsten Ziegeler resolved SLING-2776.
-------------------------------------
    Resolution: Won't Fix

> A POST that runs into an AccessDeniedException returns a 500 instead of a 403
> -----------------------------------------------------------------------------
>
>                 Key: SLING-2776
>                 URL: https://issues.apache.org/jira/browse/SLING-2776
>             Project: Sling
>          Issue Type: Bug
>          Components: Servlets
>    Affects Versions: Servlets Post 2.2.0
>         Environment: CQ5
>            Reporter: Thorben Heins
>            Assignee: Felix Meschberger
>            Priority: Trivial
>
> If you POST to an url that you are not allowed to POST to, a 500 is returned. 
> Here is my suggested fix:
> {code}
> host:~/Downloads/sling $ svn diff
> Index: bundles/servlets/post/src/main/java/org/apache/sling/servlets/post/AbstractPostResponse.java
> ===================================================================
> --- bundles/servlets/post/src/main/java/org/apache/sling/servlets/post/AbstractPostResponse.java	(revision 1453750)
> +++ bundles/servlets/post/src/main/java/org/apache/sling/servlets/post/AbstractPostResponse.java	(working copy)
> @@ -292,7 +292,11 @@
>          String path = getPath();
>          if (getProperty(PN_STATUS_CODE) == null) {
>              if (getError() != null) {
> -                setStatus(500, getError().toString());
> +		if (getError() instanceof javax.jcr.AccessDeniedException) {
> +		    setStatus(403, getError.toString());
> +		} else {
> +                    setStatus(500, getError().toString());
> +                }
>                  setTitle("Error while processing " + path);
>              } else {
>                  if (isCreateRequest()) {
> @@ -376,4 +380,4 @@
>          doSend(response);
>      }
> -}
> \ No newline at end of file
> +}
> {code}



--
This message was sent by Atlassian Jira
(v8.20.10#820010)