+ * This class responsible for exception when use Basic Authentication. + * + * This exception can be used with checkAcces method of ERXRouteController class. + *
+ * + * Example + * + *
+ * protected void checkAccess() throws SecurityException {
+ * throw new ERXBasicAuthenticationException("invalid credentials");
+ * }
+ *
+ */
+public class ERXBasicAuthenticationException extends SecurityException {
+
+ private final String basicRealm;
+
+ /**
+ * Creates a ERXBasicAuthenticationException with the specified
+ * detail message and cause.
+ *
+ * For @param basicRealm use default 'application'.
+ *
+ * @param message the detail message (which is saved for later retrieval
+ * by the {@link #getMessage()} method).
+ */
+ public ERXBasicAuthenticationException(String message) {
+ this(message, "application");
+ }
+
+ /**
+ * Creates a ERXBasicAuthenticationException with the specified
+ * detail message and cause.
+ *
+ * @param message the detail message (which is saved for later retrieval
+ * by the {@link #getMessage()} method).
+ * @param basicRealm message about server authentication requested for user.
+ */
+ public ERXBasicAuthenticationException(String message, String basicRealm) {
+ super(message);
+
+ this.basicRealm = basicRealm;
+ }
+
+ /**
+ * Creates a ERXBasicAuthenticationException with the specified
+ * detail message and cause.
+ *
+ * @param message the detail message (which is saved for later retrieval
+ * by the {@link #getMessage()} method).
+ * @param cause the cause (which is saved for later retrieval by the
+ * {@link #getCause()} method). (A null value is permitted,
+ * and indicates that the cause is nonexistent or unknown.)
+ * @param basicRealm message about server authentication requested for user.
+ */
+ public ERXBasicAuthenticationException(String message, Throwable cause, String basicRealm) {
+ super(message, cause);
+
+ this.basicRealm = basicRealm;
+ }
+
+ /**
+ * Message about server authentication.
+ *
+ * @return basicRealm message
+ */
+ public String basicRealm() {
+ return basicRealm;
+ }
+
+}
\ No newline at end of file
diff --git a/Frameworks/EOF/ERRest/Sources/er/rest/routes/ERXRouteController.java b/Frameworks/EOF/ERRest/Sources/er/rest/routes/ERXRouteController.java
index b67ffaf5460..d7fb5a31909 100644
--- a/Frameworks/EOF/ERRest/Sources/er/rest/routes/ERXRouteController.java
+++ b/Frameworks/EOF/ERRest/Sources/er/rest/routes/ERXRouteController.java
@@ -48,6 +48,7 @@
import er.extensions.foundation.ERXStringUtilities;
import er.extensions.localization.ERXLocalizer;
import er.extensions.validation.ERXValidationException;
+import er.rest.ERXBasicAuthenticationException;
import er.rest.ERXNotAllowedException;
import er.rest.ERXRequestFormValues;
import er.rest.ERXRestClassDescriptionFactory;
@@ -1589,6 +1590,11 @@ protected WOActionResults performActionNamedWithError(String actionName, Throwab
if (meaningfulThrowble instanceof ObjectNotAvailableException || meaningfulThrowble instanceof FileNotFoundException || meaningfulThrowble instanceof NoSuchElementException) {
results = errorResponse(meaningfulThrowble, ERXHttpStatusCodes.NOT_FOUND);
}
+ else if (meaningfulThrowble instanceof ERXBasicAuthenticationException) {
+ WOResponse response = (WOResponse) errorResponse(meaningfulThrowble, ERXHttpStatusCodes.UNAUTHORIZED);
+ response.setHeader("Basic realm=\"" + ((ERXBasicAuthenticationException) meaningfulThrowble).basicRealm() + "\"", "WWW-Authenticate");
+ results = response;
+ }
else if (meaningfulThrowble instanceof SecurityException) {
results = errorResponse(meaningfulThrowble, ERXHttpStatusCodes.STATUS_FORBIDDEN);
}