added WWW-Authenticate header for unauth requests

RestComm · Feb 9, 2018 · bd79f5e · bd79f5e
1 parent d738d8d
commit bd79f5e
Showing 1 changed file with 5 additions and 2 deletions.
diff --git a/restcomm/restcomm.http/src/main/java/org/restcomm/connect/http/security/SecurityFilter.java b/restcomm/restcomm.http/src/main/java/org/restcomm/connect/http/security/SecurityFilter.java
@@ -19,9 +19,12 @@
  */
 package org.restcomm.connect.http.security;
 
+import static javax.ws.rs.core.Response.status;
+
 import javax.servlet.http.HttpServletRequest;
 import javax.ws.rs.WebApplicationException;
 import javax.ws.rs.core.Context;
+import javax.ws.rs.core.Response;
 import javax.ws.rs.core.Response.Status;
 import javax.ws.rs.ext.Provider;
 
@@ -61,7 +64,7 @@ public ContainerRequest filter(ContainerRequest cr) {
      */
     protected void checkAuthenticatedAccount(UserIdentityContext userIdentityContext) {
         if (userIdentityContext.getEffectiveAccount() == null) {
-            throw new WebApplicationException(Status.UNAUTHORIZED);
+            throw new WebApplicationException(Response.status(Response.Status.UNAUTHORIZED).header("WWW-Authenticate", "Basic realm=\"Restcomm realm\"").build());
         }
     }
 
@@ -71,7 +74,7 @@ protected void checkAuthenticatedAccount(UserIdentityContext userIdentityContext
      */
     protected void filterClosedAccounts(UserIdentityContext userIdentityContext){
         if(userIdentityContext.getEffectiveAccount() != null && !userIdentityContext.getEffectiveAccount().getStatus().equals(Account.Status.ACTIVE)){
-            throw new WebApplicationException(Status.FORBIDDEN);
+            throw new WebApplicationException(status(Status.FORBIDDEN).entity("Provided Account is not active").build());
         }
     }
 }