Merge pull request #676 from wick-ed/master

Canceled authentication does not default to 401 error page
appserver-io · Mar 12, 2015 · 3ea6a1a · 3ea6a1a
2 parents 6d8725e + 55e37ea
commit 3ea6a1a
Show file tree

Hide file tree

Showing 3 changed files with 13 additions and 4 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -7,7 +7,8 @@
 * Fixed [#654](https://github.com/appserver-io/appserver/issues/654) - Existing files containing spaces are ignored 
 * Fixed [#635](https://github.com/appserver-io/appserver/issues/635) - Extracting PHAR archives containing empty files results in an exception
 * Fixed [#666](https://github.com/appserver-io/appserver/issues/666) - appserver-watcher daemon does not work on Windows
-* Fixed [#673](https://github.com/appserver-io/appserver/issues/673) - "Cannot redeclare class ..." error on certain circumstances
+* Fixed [#673](https://github.com/appserver-io/appserver/issues/673) - "Cannot re-declare class ..." error on certain circumstances
+* Fixes [#675](https://github.com/appserver-io/appserver/issues/675) - Canceled authentication does not default to 401 error page
 
 ## Features
 

diff --git a/src/AppserverIo/Appserver/ServletEngine/Authentication/AuthenticationValve.php b/src/AppserverIo/Appserver/ServletEngine/Authentication/AuthenticationValve.php
@@ -23,6 +23,7 @@
 use AppserverIo\Appserver\ServletEngine\ValveInterface;
 use AppserverIo\Psr\Servlet\Http\HttpServletRequestInterface;
 use AppserverIo\Psr\Servlet\Http\HttpServletResponseInterface;
+use AppserverIo\Server\Exceptions\ModuleException;
 
 /**
  * This valve will check if the actual request needs authentication.
@@ -53,8 +54,8 @@ public function invoke(HttpServletRequestInterface $servletRequest, HttpServletR
 
         // authenticate the request
         if ($authenticationManager->handleRequest($servletRequest, $servletResponse) === false) {
-            // dispatch this request, because we have to authenticate first
-            $servletRequest->setDispatched(true);
+            // throw exception for auth required
+            throw new ModuleException(null, 401);
         }
     }
 }
diff --git a/src/AppserverIo/Appserver/ServletEngine/Authentication/StandardAuthenticationManager.php b/src/AppserverIo/Appserver/ServletEngine/Authentication/StandardAuthenticationManager.php
@@ -23,6 +23,7 @@
 
 use AppserverIo\Appserver\Core\AbstractManager;
 use AppserverIo\Http\HttpProtocol;
+use AppserverIo\Psr\HttpMessage\Protocol;
 use AppserverIo\Psr\Servlet\Http\HttpServletRequestInterface;
 use AppserverIo\Psr\Servlet\Http\HttpServletResponseInterface;
 use AppserverIo\Psr\Application\ApplicationInterface;
@@ -66,13 +67,19 @@ public function handleRequest(HttpServletRequestInterface $servletRequest, HttpS
             if (fnmatch($urlPattern, $servletRequest->getServletPath() . $servletRequest->getPathInfo())) {
                 // the URI pattern matches, init the adapter and try to authenticate
 
+                // check if auth header is not set in coming request headers
+                if (! $servletRequest->hasHeader(Protocol::HEADER_AUTHORIZATION)) {
+                    // send header for challenge authentication against client
+                    $servletResponse->addHeader(HttpProtocol::HEADER_WWW_AUTHENTICATE, $authenticationAdapter->getAuthenticateHeader());
+                }
+
+                // initialize the adapter with the current request
                 $authenticationAdapter->init($servletRequest->getHeader(HttpProtocol::HEADER_AUTHORIZATION), $servletRequest->getMethod());
 
                 // try to authenticate the request
                 $authenticated = $authenticationAdapter->authenticate();
                 if (!$authenticated) {
                     // send header for challenge authentication against client
-                    $servletResponse->setStatusCode(401);
                     $servletResponse->addHeader(HttpProtocol::HEADER_WWW_AUTHENTICATE, $authenticationAdapter->getAuthenticateHeader());
                 }