How do I change the response header of a Java servlet in case of container authentication failure?

Question

How do I change the response header of a Java servlet in case of container authentication failure?

I have a Java EE project with web services secured by web container authentication. (HTTP-basic) (we can say in this context: web services are servlets) A would like to change the Servlet response header. Using a servlet filter is not a good solution because I want to access the response object in case of user authentication failure. (in this case the servlet filter does not start because the container does not call it)

The reason is that I want to change the HTTP status codes 401 and 403. This is because the client is distributed via Web Start, and I do not want to allow javaws to change the request headers of client applications.

There is a ServletRequestListener listener, but this is wrong for me because I want to access the response object, not the request.

Thank.

+3

java http-headers servlets httpresponse

user2045984 06 Feb '13 at 9:15

source to share

1 answer

Georgy Gobozov · Accepted Answer · 2013-02-06T20:18:41+0000

Just copy the answer to the question

In web.xml:

<error-page>
    <error-code>401</error-code>
    <location>/error.jsp</location>
</error-page>

error.jsp:

<%@page contentType="text/html" pageEncoding="UTF-8"%>
<!DOCTYPE html>
<html>
    <head>
        <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
        <title></title>
    </head>
    <body>
        <%
        int status = response.getStatus();
        if (status == 401) {
            response.setStatus(403);
        }
        %>
    </body>
</html>

How do I change the response header of a Java servlet in case of container authentication failure?

More articles: