FELIX-1983 redo sending the 401/UNAUTHORIZED status to just use setStatus and then flush the response. Don't use sendError to prevent any error handlers to kick in -- we really want the 401 status to be sent to the client.
git-svn-id: https://svn.apache.org/repos/asf/felix/trunk@898696 13f79535-47bb-0310-9956-ffa450edef68
diff --git a/webconsole/src/main/java/org/apache/felix/webconsole/internal/servlet/OsgiManagerHttpContext.java b/webconsole/src/main/java/org/apache/felix/webconsole/internal/servlet/OsgiManagerHttpContext.java
index 8ae382c..668fa3b 100644
--- a/webconsole/src/main/java/org/apache/felix/webconsole/internal/servlet/OsgiManagerHttpContext.java
+++ b/webconsole/src/main/java/org/apache/felix/webconsole/internal/servlet/OsgiManagerHttpContext.java
@@ -136,15 +136,15 @@
}
// request authentication
- response.setHeader( HEADER_WWW_AUTHENTICATE, AUTHENTICATION_SCHEME_BASIC + " realm=\"" + this.realm + "\"" );
try
{
- response.sendError( HttpServletResponse.SC_UNAUTHORIZED );
+ response.setHeader( HEADER_WWW_AUTHENTICATE, AUTHENTICATION_SCHEME_BASIC + " realm=\"" + this.realm + "\"" );
+ response.setStatus( HttpServletResponse.SC_UNAUTHORIZED );
+ response.flushBuffer();
}
catch ( IOException ioe )
{
- // failed sending the error, fall back to setting the status
- response.setStatus( HttpServletResponse.SC_UNAUTHORIZED );
+ // failed sending the response ... cannot do anything about it
}
// inform HttpService that authentication failed