View Javadoc

1   /**
2    * Copyright (c) 2002-2011 "Neo Technology,"
3    * Network Engine for Objects in Lund AB [http://neotechnology.com]
4    *
5    * This file is part of Neo4j.
6    *
7    * Neo4j is free software: you can redistribute it and/or modify
8    * it under the terms of the GNU General Public License as published by
9    * the Free Software Foundation, either version 3 of the License, or
10   * (at your option) any later version.
11   *
12   * This program is distributed in the hope that it will be useful,
13   * but WITHOUT ANY WARRANTY; without even the implied warranty of
14   * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
15   * GNU General Public License for more details.
16   *
17   * You should have received a copy of the GNU General Public License
18   * along with this program.  If not, see <http://www.gnu.org/licenses/>.
19   */
20  package org.neo4j.server.rest.web.security;
21  
22  import javax.ws.rs.core.Response;
23  import javax.ws.rs.core.Response.Status;
24  import javax.ws.rs.ext.ExceptionMapper;
25  import javax.ws.rs.ext.Provider;
26  
27  /**
28   * <p>
29   * Map an authentication exception to an HTTP 401 response, optionally including
30   * the realm for a credentials challenge at the client.
31   * </p>
32   */
33  @Provider
34  public class AuthenticationExceptionMapper implements
35          ExceptionMapper<AuthenticationException>
36  {
37  
38      public Response toResponse( AuthenticationException e )
39      {
40          if ( e.getRealm() != null )
41          {
42              return Response.status( Status.UNAUTHORIZED ).header(
43                      "WWW-Authenticate", "Basic realm=\"" + e.getRealm() + "\"" ).type(
44                      "text/plain" ).entity( e.getMessage() ).build();
45          }
46          else
47          {
48              return Response.status( Status.UNAUTHORIZED ).type( "text/plain" ).entity(
49                      e.getMessage() ).build();
50          }
51      }
52  
53  }