aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorAnton Tananaev <anton.tananaev@gmail.com>2016-01-20 09:30:19 +1300
committerAnton Tananaev <anton.tananaev@gmail.com>2016-01-20 09:30:19 +1300
commit67db57ba4114c7eb43ecadbd3cbf5ab9afb55833 (patch)
treedb8c3f571ad07b9846c1fe545f5cf18f776711eb /src
parent625048edc94a4356145b61713861c6b48535a220 (diff)
downloadtraccar-server-67db57ba4114c7eb43ecadbd3cbf5ab9afb55833.tar.gz
traccar-server-67db57ba4114c7eb43ecadbd3cbf5ab9afb55833.tar.bz2
traccar-server-67db57ba4114c7eb43ecadbd3cbf5ab9afb55833.zip
Try to authenticate all requests
Diffstat (limited to 'src')
-rw-r--r--src/org/traccar/api/SecurityRequestFilter.java12
1 files changed, 5 insertions, 7 deletions
diff --git a/src/org/traccar/api/SecurityRequestFilter.java b/src/org/traccar/api/SecurityRequestFilter.java
index f207b6bff..20186b0cb 100644
--- a/src/org/traccar/api/SecurityRequestFilter.java
+++ b/src/org/traccar/api/SecurityRequestFilter.java
@@ -55,11 +55,6 @@ public class SecurityRequestFilter implements ContainerRequestFilter {
@Override
public void filter(ContainerRequestContext requestContext) {
- Method method = resourceInfo.getResourceMethod();
- if (method.isAnnotationPresent(PermitAll.class)) {
- return;
- }
-
SecurityContext securityContext = null;
String authHeader = requestContext.getHeaderString(AUTHORIZATION_HEADER);
@@ -87,8 +82,11 @@ public class SecurityRequestFilter implements ContainerRequestFilter {
if (securityContext != null) {
requestContext.setSecurityContext(securityContext);
} else {
- throw new WebApplicationException(
- Response.status(Response.Status.UNAUTHORIZED).header(WWW_AUTHENTICATE, BASIC_REALM).build());
+ Method method = resourceInfo.getResourceMethod();
+ if (!method.isAnnotationPresent(PermitAll.class)) {
+ throw new WebApplicationException(
+ Response.status(Response.Status.UNAUTHORIZED).header(WWW_AUTHENTICATE, BASIC_REALM).build());
+ }
}
}