You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@sling.apache.org by fm...@apache.org on 2008/03/12 13:15:12 UTC
svn commit: r636294 -
/incubator/sling/trunk/sling/core/src/main/java/org/apache/sling/core/impl/SlingMainServlet.java
Author: fmeschbe
Date: Wed Mar 12 05:15:10 2008
New Revision: 636294
URL: http://svn.apache.org/viewvc?rev=636294&view=rev
Log:
SLING-319 Don't treat initial resource load special any more and send 403/FORBIDDEN
on any occurrence of an AccessControlException
Modified:
incubator/sling/trunk/sling/core/src/main/java/org/apache/sling/core/impl/SlingMainServlet.java
Modified: incubator/sling/trunk/sling/core/src/main/java/org/apache/sling/core/impl/SlingMainServlet.java
URL: http://svn.apache.org/viewvc/incubator/sling/trunk/sling/core/src/main/java/org/apache/sling/core/impl/SlingMainServlet.java?rev=636294&r1=636293&r2=636294&view=diff
==============================================================================
--- incubator/sling/trunk/sling/core/src/main/java/org/apache/sling/core/impl/SlingMainServlet.java (original)
+++ incubator/sling/trunk/sling/core/src/main/java/org/apache/sling/core/impl/SlingMainServlet.java Wed Mar 12 05:15:10 2008
@@ -262,28 +262,9 @@
}
// initialize the request data - resolve resource and servlet
- Resource resource = null;
- try {
- ResourceResolver resolver = getResourceResolverFactory().getResourceResolver(
- session);
- resource = requestData.initResource(resolver);
- } catch (AccessControlException ace) {
- // SLING-309
- // if this is the anonymous user, send request to authenticate
- if ( request.getAttribute(HttpContext.AUTHENTICATION_TYPE) == null ) {
- getSlingAuthenticator().requestAuthentication(request, response);
- return;
- }
-
- // if this is not the anonymous user, send 404
- // try to request authentication fail, if not possible
- log.info(
- "service: Authenticated user {} does not have enough rights to executed requested action",
- request.getRemoteUser());
- getErrorHandler().handleError(HttpServletResponse.SC_NOT_FOUND,
- null, request, response);
- return;
- }
+ ResourceResolver resolver = getResourceResolverFactory().getResourceResolver(
+ session);
+ Resource resource = requestData.initResource(resolver);
requestData.initServlet(resource);
Filter[] filters = requestFilterChain.getFilters();
@@ -325,12 +306,12 @@
} catch (AccessControlException ace) {
- // SLING-309 if anything goes wrong, send 404
+ // SLING-319 if anything goes wrong, send 403/FORBIDDEN
log.info(
"service: Authenticated user {} does not have enough rights to executed requested action",
request.getRemoteUser());
- getErrorHandler().handleError(HttpServletResponse.SC_NOT_FOUND,
- null, request, response);
+ getErrorHandler().handleError(HttpServletResponse.SC_FORBIDDEN,
+ null, request, response);
} catch (Throwable t) {