Author: taylor
Date: Wed Jan 27 00:02:46 2016
New Revision: 1726927
URL: http://svn.apache.org/viewvc?rev=1726927&view=rev
Log:
call standard checkPrivilege method for jetspeed rest apis, so that the proper
UNAUTHORIZED status is returned
Modified:
portals/jetspeed-2/portal/trunk/components/jetspeed-portal/src/main/java/org/apache/jetspeed/services/rest/UserManagerService.java
Modified:
portals/jetspeed-2/portal/trunk/components/jetspeed-portal/src/main/java/org/apache/jetspeed/services/rest/UserManagerService.java
URL:
http://svn.apache.org/viewvc/portals/jetspeed-2/portal/trunk/components/jetspeed-portal/src/main/java/org/apache/jetspeed/services/rest/UserManagerService.java?rev=1726927&r1=1726926&r2=1726927&view=diff
==============================================================================
---
portals/jetspeed-2/portal/trunk/components/jetspeed-portal/src/main/java/org/apache/jetspeed/services/rest/UserManagerService.java
(original)
+++
portals/jetspeed-2/portal/trunk/components/jetspeed-portal/src/main/java/org/apache/jetspeed/services/rest/UserManagerService.java
Wed Jan 27 00:02:46 2016
@@ -19,7 +19,6 @@ package org.apache.jetspeed.services.res
import org.apache.jetspeed.Jetspeed;
import org.apache.jetspeed.JetspeedActions;
import org.apache.jetspeed.administration.PortalConfigurationConstants;
-import org.apache.jetspeed.exception.JetspeedException;
import org.apache.jetspeed.layout.PortletActionSecurityBehavior;
import org.apache.jetspeed.om.folder.Folder;
import org.apache.jetspeed.page.PageManager;
@@ -28,7 +27,6 @@ import org.apache.jetspeed.profiler.Prof
import org.apache.jetspeed.profiler.Profiler;
import org.apache.jetspeed.profiler.rules.PrincipalRule;
import org.apache.jetspeed.profiler.rules.ProfilingRule;
-import org.apache.jetspeed.request.RequestContext;
import org.apache.jetspeed.security.Group;
import org.apache.jetspeed.security.GroupManager;
import org.apache.jetspeed.security.JetspeedPrincipalQueryContext;
@@ -558,14 +556,4 @@ public class UserManagerService extends
return templates;
}
- protected void checkPrivilege(HttpServletRequest servletRequest, String
action)
- {
- RequestContext requestContext = (RequestContext)
servletRequest.getAttribute(RequestContext.REQUEST_PORTALENV);
-
- if (securityBehavior != null &&
!securityBehavior.checkAccess(requestContext, action))
- {
- throw new WebApplicationException(new
JetspeedException("Insufficient privilege to access this REST service."));
- }
- }
-
}
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
