diff options
author | Anton Tananaev <anton.tananaev@gmail.com> | 2016-01-20 09:30:19 +1300 |
---|---|---|
committer | Anton Tananaev <anton.tananaev@gmail.com> | 2016-01-20 09:30:19 +1300 |
commit | 67db57ba4114c7eb43ecadbd3cbf5ab9afb55833 (patch) | |
tree | db8c3f571ad07b9846c1fe545f5cf18f776711eb /src/org/traccar/api | |
parent | 625048edc94a4356145b61713861c6b48535a220 (diff) | |
download | trackermap-server-67db57ba4114c7eb43ecadbd3cbf5ab9afb55833.tar.gz trackermap-server-67db57ba4114c7eb43ecadbd3cbf5ab9afb55833.tar.bz2 trackermap-server-67db57ba4114c7eb43ecadbd3cbf5ab9afb55833.zip |
Try to authenticate all requests
Diffstat (limited to 'src/org/traccar/api')
-rw-r--r-- | src/org/traccar/api/SecurityRequestFilter.java | 12 |
1 files changed, 5 insertions, 7 deletions
diff --git a/src/org/traccar/api/SecurityRequestFilter.java b/src/org/traccar/api/SecurityRequestFilter.java index f207b6bff..20186b0cb 100644 --- a/src/org/traccar/api/SecurityRequestFilter.java +++ b/src/org/traccar/api/SecurityRequestFilter.java @@ -55,11 +55,6 @@ public class SecurityRequestFilter implements ContainerRequestFilter { @Override public void filter(ContainerRequestContext requestContext) { - Method method = resourceInfo.getResourceMethod(); - if (method.isAnnotationPresent(PermitAll.class)) { - return; - } - SecurityContext securityContext = null; String authHeader = requestContext.getHeaderString(AUTHORIZATION_HEADER); @@ -87,8 +82,11 @@ public class SecurityRequestFilter implements ContainerRequestFilter { if (securityContext != null) { requestContext.setSecurityContext(securityContext); } else { - throw new WebApplicationException( - Response.status(Response.Status.UNAUTHORIZED).header(WWW_AUTHENTICATE, BASIC_REALM).build()); + Method method = resourceInfo.getResourceMethod(); + if (!method.isAnnotationPresent(PermitAll.class)) { + throw new WebApplicationException( + Response.status(Response.Status.UNAUTHORIZED).header(WWW_AUTHENTICATE, BASIC_REALM).build()); + } } } |