From dc2d10dcb031797a27dbdecac4e36de6e68a46c9 Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Fri, 23 Mar 2012 00:54:02 -0700 Subject: [PATCH] Include generic error header when authentication fails. --- .../guacamole/net/basic/AuthenticatingHttpServlet.java | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/src/main/java/net/sourceforge/guacamole/net/basic/AuthenticatingHttpServlet.java b/src/main/java/net/sourceforge/guacamole/net/basic/AuthenticatingHttpServlet.java index ba5af4a..1281714 100644 --- a/src/main/java/net/sourceforge/guacamole/net/basic/AuthenticatingHttpServlet.java +++ b/src/main/java/net/sourceforge/guacamole/net/basic/AuthenticatingHttpServlet.java @@ -37,6 +37,9 @@ public abstract class AuthenticatingHttpServlet extends HttpServlet { private Logger logger = LoggerFactory.getLogger(AuthenticatingHttpServlet.class); + private static final String AUTH_ERROR_MESSAGE = + "User not logged in or authentication failed."; + private AuthenticationProvider authProvider; @Override @@ -84,6 +87,8 @@ public abstract class AuthenticatingHttpServlet extends HttpServlet { } catch (GuacamoleException e) { logger.error("Error retrieving configuration(s) for user {}.", username); + + response.setHeader("X-Guacamole-Error-Message", AUTH_ERROR_MESSAGE); response.sendError(HttpServletResponse.SC_FORBIDDEN); return; } @@ -91,6 +96,8 @@ public abstract class AuthenticatingHttpServlet extends HttpServlet { if (configs == null) { logger.warn("Authentication attempt from {} for user \"{}\" failed.", request.getRemoteAddr(), username); + + response.setHeader("X-Guacamole-Error-Message", AUTH_ERROR_MESSAGE); response.sendError(HttpServletResponse.SC_FORBIDDEN); return; } -- 1.7.10.4