How to return Status code 401 in Java

Question

With my java agent (IBM JVM) I receive a POST from a browser.. If I parse the content and see that the one who send it is not authorized is it then possible (next to my output) to return the HTTP Response code: 401?

Example:

 Session session = getSession();
 AgentContext agentContext = session.getAgentContext();   
 Database db = agentContext.getCurrentDatabase();
 ... 
 parse xml
 ...
 if not authorized then return response code 401 and element 
 <Status xml:lang="en-US" code="401” text="UNAUTHORIZED"> </Status>

What do you mean "post with response code 401"? POST is a Request, 401 is a return code in the Response. You can return code 401, but not "post" with that. If you need to post something with 401 you can put it into Request header as example or in the body (i.e. your Status element) — Vadim, Apr 12 '17 at 12:04
Could you provide more details about what is your implementation? is it SOAP Webservice? If so, Response code sets in Servlet and you cannot return 401 from Servlet implementation for SOAP. You can return code 500 with SOAP Fault and your status element in its details if you throw an Exception from your code. that is usual practice with SOAP WebServices. Servlet can return 401 when it authenticates request against Container. When request reaches your code it is already authenticated an authorized against Container security. Your custom authorization against data in Database happens after — Vadim, Apr 12 '17 at 12:59
Of course if implementation is different and you have access to Servlet Response object or Http Response you can set it there. — Vadim, Apr 12 '17 at 13:04
You have to write response headers on HttpServletResponse with something like res.setStatus(HttpServletResponse.SC_METHOD_NOT_ALLOWED); Take a look at this post https://stackoverflow.com/questions/13274279/authentication-filter-and-servlet-for-login where this is achieved via a webfilter — Francisco Valle, Jun 12 '18 at 15:13

How to return Status code 401 in Java

0 Answers0