Permalink
Browse files

Don't use the status code of 401 as that is specifically used when se…

…nding a challenge to the client, 403 is better suited where the request reaches the resource but we still choose not to fulfil the request.
  • Loading branch information...
darranl authored and kabir committed Mar 7, 2013
1 parent 6a1afde commit 12f69c0349784e25915a3ed79c7cd7b89bfbd286
@@ -33,7 +33,7 @@
/**
* A servlet which reports the name of the callers principal.
- *
+ *
* @author JanLanik
*/
@WebServlet(name = "PrincipalPrintingServlet", urlPatterns = { PrincipalPrintingServlet.SERVLET_PATH })
@@ -49,7 +49,7 @@ protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws Se
final PrintWriter writer = resp.getWriter();
final Principal principal = req.getUserPrincipal();
if (null == principal) {
- resp.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Principal name is printed only for the authenticated users.");
+ resp.sendError(HttpServletResponse.SC_FORBIDDEN, "Principal name is printed only for the authenticated users.");
} else {
writer.write(req.getUserPrincipal().getName());
}

0 comments on commit 12f69c0

Please sign in to comment.