• Home
• us.joshuatreesoftware
• enmasse
• 1.0-RC30
• source code
• SecurityOutFaultInterceptor.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

us.jts.enmasse.SecurityOutFaultInterceptor Maven / Gradle / Ivy

/*
 * Copyright (c) 2009-2013, JoshuaTree. All Rights Reserved.
 */
package us.jts.enmasse;

import org.apache.cxf.interceptor.Fault;
import org.apache.cxf.interceptor.security.AccessDeniedException;
import org.apache.cxf.message.Message;
import org.apache.cxf.phase.AbstractPhaseInterceptor;
import org.apache.cxf.phase.Phase;
import org.apache.cxf.transport.http.AbstractHTTPDestination;

import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

/**
 * Utility for EnMasse Server.  This class is thread safe.
 *
 * @author Shawn McKinney
 */

public class SecurityOutFaultInterceptor extends AbstractPhaseInterceptor
{
    public SecurityOutFaultInterceptor()
    {
        super(Phase.PRE_STREAM);

    }

    public void handleMessage(Message message) throws Fault
    {
        Fault fault = (Fault) message.getContent(Exception.class);
        Throwable ex = fault.getCause();
        if (!(ex instanceof SecurityException))
        {
            throw new RuntimeException("Security Exception is expected:" + ex);
        }

        HttpServletResponse response = (HttpServletResponse) message.getExchange().getInMessage()
            .get(AbstractHTTPDestination.HTTP_RESPONSE);
        int status = ex instanceof AccessDeniedException ? 403 : 401;
        response.setStatus(status);
        try
        {
            response.getOutputStream().write(ex.getMessage().getBytes());
            response.getOutputStream().flush();
        }
        catch (IOException iex)
        {
            // ignore
        }

        message.getInterceptorChain().abort();
    }

}