/*
*
* This file is part of the Hesperides distribution.
* (https://github.com/voyages-sncf-technologies/hesperides)
* Copyright (c) 2020 VSCT.
*
* Hesperides is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as
* published by the Free Software Foundation, version 3.
*
* Hesperides is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
*
*/
package org.hesperides.core.presentation.security;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpStatus;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.authentication.www.BasicAuthenticationEntryPoint;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
final class VerboseBasicAuthenticationEntryPoint extends BasicAuthenticationEntryPoint {
VerboseBasicAuthenticationEntryPoint() {
setRealmName("Realm");
}
@Override
public void commence(HttpServletRequest request, HttpServletResponse response,
AuthenticationException authException) throws IOException {
response.addHeader(HttpHeaders.WWW_AUTHENTICATE, "Basic realm=\"" + getRealmName() + "\"");
response.setStatus(HttpStatus.UNAUTHORIZED.value());
String errorMessage = authException.getMessage();
if (authException.getCause() != null) {
// LDAP error messages have been seen to contain \u0000 characters. We remove them:
errorMessage += " : " + authException.getCause().getMessage().replace("\u0000", "");
}
response.getOutputStream().println(errorMessage);
}
}
