How do I change the response header of a Java servlet in case of container authentication failure?

I have a Java EE project with web services secured by web container authentication. (HTTP-basic) (we can say in this context: web services are servlets) A would like to change the Servlet response header. Using a servlet filter is not a good solution because I want to access the response object in case of user authentication failure. (in this case the servlet filter does not start because the container does not call it)

The reason is that I want to change the HTTP status codes 401 and 403. This is because the client is distributed via Web Start, and I do not want to allow javaws to change the request headers of client applications.

There is a ServletRequestListener listener, but this is wrong for me because I want to access the response object, not the request.

Thank.

+3


source to share


1 answer


Just copy the answer to the question

In web.xml:

<error-page>
    <error-code>401</error-code>
    <location>/error.jsp</location>
</error-page>

      



error.jsp:

<%@page contentType="text/html" pageEncoding="UTF-8"%>
<!DOCTYPE html>
<html>
    <head>
        <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
        <title></title>
    </head>
    <body>
        <%
        int status = response.getStatus();
        if (status == 401) {
            response.setStatus(403);
        }
        %>
    </body>
</html>

      

+1


source







All Articles