Ofer Lahav

Reputation: 421

Is there a way to set the response code/text from a WSO2 custom handler?

I wrote a custom authentication handler for WSO2, based on the instructions in the user guide.

In general, the handler works OK, i.e. when given the correct credentials it runs the API correctly, and when given false credentials it rejects the API, but in this case a status code of 202 with an empty response text is returned to "curl".

Is there a way to control the returned response code or to construct a sensible response text for such cases? I would prefer returning response code of "forbidden" or a text saying "wrong credentials given" whenever the custom handler decides to reject an API invocation.

I see that HandleRequest(MessageContext messageContext) returns boolean, so not sure how to send back the desired response code and text.

Upvotes: 3

Views: 979

Answers (1)

krishan

Reputation: 579

The following is sample code written to catch the request and, if the "Authorization" header is not available, send the request back to the client as a response.

You can see I have added the "HTTP_SC" header with the value 401.

Using `messageContext.setProperty("RESPONSE", "true");`, we can send this back to the client as a response.

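    import java.util.Map;
    import org.apache.synapse.MessageContext;
    import org.apache.synapse.core.axis2.Axis2MessageContext;
    import org.apache.synapse.core.axis2.Axis2Sender;

    // Method of the custom handler class; `log` is that class's logger field.
    @SuppressWarnings("unchecked")
    public boolean handleRequest(MessageContext messageContext) {
        org.apache.axis2.context.MessageContext axis2MessageContext =
                ((Axis2MessageContext) messageContext).getAxis2MessageContext();
        Object headers = axis2MessageContext
                .getProperty(org.apache.axis2.context.MessageContext.TRANSPORT_HEADERS);

        try {
            // instanceof is false for null, so no separate null check is needed.
            if (headers instanceof Map) {
                Map<String, Object> headersMap = (Map<String, Object>) headers;
                if (headersMap.get("Authorization") == null) {
                    // Drop the request headers so they are not echoed to the client.
                    headersMap.clear();
                    // Status code of the response sent back to the client.
                    axis2MessageContext.setProperty("HTTP_SC", "401");
                    headersMap.put("WWW-Authenticate", "Basic realm=\"WSO2 ESB\"");
                    // The response carries no body.
                    axis2MessageContext.setProperty("NO_ENTITY_BODY", Boolean.TRUE);
                    // Turn the message around: mark it as a response and clear the target.
                    messageContext.setProperty("RESPONSE", "true");
                    messageContext.setTo(null);
                    Axis2Sender.sendBack(messageContext);
                    return false; // stop the handler chain, response already sent
                } else {
                    return true;  // header present, continue to the API
                }
            }
            // Transport headers unavailable: reject; no response is built on this path.
            return false;
        } catch (Exception e) {
            log.error("Unable to execute the authentication process : ", e);
            return false;
        }
    }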

Hope this helps. Cheers.

Upvotes: 1
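
An added example, not part of the question or the answer and not WSO2 code: the handler above rejects only when the "Authorization" header is missing, so this sketch shows the decision a custom handler could make before choosing the value it sets in `HTTP_SC`. The class `BasicAuthDecision`, the method `decide`, the sample credentials, and the choice of 403 for wrong credentials (the status the question asks for) are assumptions; it uses only the Java standard library.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.Base64;

/** Hypothetical helper: maps a Basic Authorization header to an HTTP status code. */
public final class BasicAuthDecision {

    /** Returns 200 to continue, 401 if credentials are absent or malformed, 403 if they are wrong. */
    public static int decide(String authorizationHeader, String expectedUser, String expectedPassword) {
        if (authorizationHeader == null
                || !authorizationHeader.regionMatches(true, 0, "Basic ", 0, 6)) {
            return 401; // no usable credentials: challenge with WWW-Authenticate
        }
        byte[] decoded;
        try {
            decoded = Base64.getDecoder().decode(authorizationHeader.substring(6).trim());
        } catch (IllegalArgumentException e) {
            return 401; // value is not valid Base64
        }
        String pair = new String(decoded, StandardCharsets.UTF_8);
        int colon = pair.indexOf(':');
        if (colon < 0) {
            return 401; // missing the "user:password" separator
        }
        // Evaluate both comparisons before combining them, so a wrong user
        // and a wrong password follow the same code path.
        boolean userOk = constantTimeEquals(pair.substring(0, colon), expectedUser);
        boolean passOk = constantTimeEquals(pair.substring(colon + 1), expectedPassword);
        return (userOk & passOk) ? 200 : 403;
    }

    /** Byte-wise comparison that does not stop at the first mismatching byte. */
    private static boolean constantTimeEquals(String a, String b) {
        return MessageDigest.isEqual(a.getBytes(StandardCharsets.UTF_8),
                b.getBytes(StandardCharsets.UTF_8));
    }

    public static void main(String[] args) {
        // Constructed sample values, not real credentials.
        Base64.Encoder enc = Base64.getEncoder();
        String good = "Basic " + enc.encodeToString("alice:s3cret".getBytes(StandardCharsets.UTF_8));
        String bad = "Basic " + enc.encodeToString("alice:guess".getBytes(StandardCharsets.UTF_8));
        System.out.println("missing header:    " + decide(null, "alice", "s3cret"));
        System.out.println("malformed header:  " + decide("Basic %%%", "alice", "s3cret"));
        System.out.println("wrong password:    " + decide(bad, "alice", "s3cret"));
        System.out.println("valid credentials: " + decide(good, "alice", "s3cret"));
    }
}
```

In a handler like the one in the answer, the returned value would decide whether to return `true` or to set `HTTP_SC` and send the message back.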
