package org.constellation.engine.security;
import java.io.IOException;
import java.util.logging.Logger;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.sis.util.logging.Logging;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.AuthenticationEntryPoint;
import org.springframework.stereotype.Component;
/**
* {@link AuthenticationEntryPoint} that rejects all requests with an
* unauthorized error message.
*
* @author Philip W. Sorst <philip@sorst.net>
*/
@Component
public class UnauthorizedEntryPoint implements AuthenticationEntryPoint {
private static final Logger LOGGER = Logging.getLogger("org.constellation.engine.security");
@Override
public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authException)
throws IOException, ServletException {
LOGGER.finer("Unauthorized for URI:" + request.getRequestURI());
response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Unauthorized: Authentication token was either missing or invalid.");
}
}