Posted to commits@sling.apache.org by fm...@apache.org on 2008/03/14 16:00:38 UTC
svn commit: r637125 -
/incubator/sling/trunk/sling/core/src/main/java/org/apache/sling/core/impl/auth/SlingAuthenticator.java
Author: fmeschbe
Date: Fri Mar 14 08:00:37 2008
New Revision: 637125
URL: http://svn.apache.org/viewvc?rev=637125&view=rev
Log:
SLING-327 Apply the same exception handling and login failure mechanism
when acquiring the anonymous session as when acquiring the regular session.
Modified:
incubator/sling/trunk/sling/core/src/main/java/org/apache/sling/core/impl/auth/SlingAuthenticator.java
Modified: incubator/sling/trunk/sling/core/src/main/java/org/apache/sling/core/impl/auth/SlingAuthenticator.java
URL: http://svn.apache.org/viewvc/incubator/sling/trunk/sling/core/src/main/java/org/apache/sling/core/impl/auth/SlingAuthenticator.java?rev=637125&r1=637124&r2=637125&view=diff
==============================================================================
--- incubator/sling/trunk/sling/core/src/main/java/org/apache/sling/core/impl/auth/SlingAuthenticator.java (original)
+++ incubator/sling/trunk/sling/core/src/main/java/org/apache/sling/core/impl/auth/SlingAuthenticator.java Fri Mar 14 08:00:37 2008
@@ -219,40 +219,9 @@
return true;
- } catch (TooManySessionsException se) {
-
- // to many users, send a 503 Service Unavailable
- log.info("authenticate: Too many sessions for user: {}",
- se.getMessage());
-
- try {
- res.sendError(HttpServletResponse.SC_SERVICE_UNAVAILABLE,
- "Too Many Users");
- } catch (IOException ioe) {
- log.error("authenticate: Cannot send status 503 to client",
- ioe);
- }
-
- } catch (LoginException e) {
-
- // request authentication information and send 403 (Forbidden)
- // if no handler can request authentication information.
- log.info("authenticate: Unable to authenticate: {}",
- e.getMessage());
- requestAuthentication(req, res);
-
} catch (RepositoryException re) {
- // general problem, send a 500 Internal Server Error
- log.error("authenticate: Unable to authenticate", re);
-
- try {
- res.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR,
- "Data Access Failure");
- } catch (IOException ioe) {
- log.error("authenticate: Cannot send status 500 to client",
- ioe);
- }
+ handleLoginFailure(req, res, re);
}
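Review bot: The single catch around `handleLoginFailure(req, res, re);` no longer shows a reader of authenticate that the response may be a 503, an authentication request or a 500. A short comment on that line would restore this, for example `// answers with 503, an authentication request or 500, depending on the exception type`. The typed catch clauses are replaced by instanceof checks in the helper, so any other RepositoryException subtype ends in the 500 branch; that matches the removed code but is worth stating in the helper's Javadoc. authenticate starts and ends outside this hunk, so what it returns after the catch is not visible here.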
@@ -389,28 +358,61 @@
Session session = getRepository().login();
setAttributes(session, null, req);
return true;
- } catch (TooManySessionsException se) {
- log.error(
- "getAnonymousSession: Too many anonymous users active", se);
- } catch (LoginException le) {
- log.error(
- "getAnonymousSession: Login failure, requesting authentication",
- le);
} catch (RepositoryException re) {
- log.error("getAnonymousSession: Cannot get anonymous session",
- re);
+ // cannot login > fail login, do not try to authenticate
+ handleLoginFailure(req, res, re);
+ return false;
}
- } else {
- log.debug("getAnonymousSession: Anonymous access not allowed by configuration");
}
-
+
// request authentication now, and fail if not possible
+ log.debug("getAnonymousSession: Anonymous access not allowed by configuration");
requestAuthentication(req, res);
// fallback to no session
return false;
}
+ private void handleLoginFailure(HttpServletRequest request,
+ HttpServletResponse response, RepositoryException reason) {
+
+ if (reason instanceof TooManySessionsException) {
+
+ // to many users, send a 503 Service Unavailable
+ log.info("authenticate: Too many sessions for user: {}",
+ reason.getMessage());
+
+ try {
+ response.sendError(HttpServletResponse.SC_SERVICE_UNAVAILABLE,
+ "Too Many Users");
+ } catch (IOException ioe) {
+ log.error("authenticate: Cannot send status 503 to client", ioe);
+ }
+
+ } else if (reason instanceof LoginException) {
+
+ // request authentication information and send 403 (Forbidden)
+ // if no handler can request authentication information.
+ log.info("authenticate: Unable to authenticate: {}",
+ reason.getMessage());
+ requestAuthentication(request, response);
+
+ } else {
+
+ // general problem, send a 500 Internal Server Error
+ log.error("authenticate: Unable to authenticate", reason);
+
+ try {
+ response.sendError(
+ HttpServletResponse.SC_INTERNAL_SERVER_ERROR,
+ "Data Access Failure");
+ } catch (IOException ioe) {
+ log.error("authenticate: Cannot send status 500 to client", ioe);
+ }
+ }
+
+ }
+
// TODO
private void sendFailure(HttpServletResponse res) {
try {
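Review bot: The comment added in the getAnonymousSession catch, `// cannot login > fail login, do not try to authenticate`, contradicts handleLoginFailure, whose LoginException branch calls `requestAuthentication(request, response)`. A failed anonymous login can therefore still end in an authentication request. If that is intended, as the commit log suggests, reword the comment, for example `// anonymous login failed: respond as for a failed regular login`. The helper also keeps the `authenticate:` log prefix and reports TooManySessionsException and LoginException at info level with the message only, where the removed anonymous-path code logged them at error level with the exception. A failing anonymous login is then hard to tell apart from a user's failed login in the log, so consider a neutral prefix such as `handleLoginFailure:` or passing the caller's name in. getAnonymousSession starts outside this hunk.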