X-Git-Url: http://git.argeo.org/?a=blobdiff_plain;f=org.argeo.cms.ee%2Fsrc%2Forg%2Fargeo%2Fcms%2Fservlet%2Fhttpserver%2FHttpContextServlet.java;h=63d59a88d0510cf9565ccac177bb1608e96ca68e;hb=5b6b49fa655c7b3ae3dcc06d6c504e3d0225684f;hp=c81bad7bc59c049ac31a9577308f913fa2d7fa4b;hpb=81d9084e2c9fd9d33ca1d864171d28f9564647d8;p=lgpl%2Fargeo-commons.git

diff --git a/org.argeo.cms.ee/src/org/argeo/cms/servlet/httpserver/HttpContextServlet.java b/org.argeo.cms.ee/src/org/argeo/cms/servlet/httpserver/HttpContextServlet.java
index c81bad7bc..63d59a88d 100644
--- a/org.argeo.cms.ee/src/org/argeo/cms/servlet/httpserver/HttpContextServlet.java
+++ b/org.argeo.cms.ee/src/org/argeo/cms/servlet/httpserver/HttpContextServlet.java
@@ -7,11 +7,18 @@ import javax.servlet.http.HttpServlet;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
+import org.argeo.cms.auth.RemoteAuthSession;
+import org.argeo.cms.servlet.ServletHttpSession;
+
 import com.sun.net.httpserver.Authenticator;
 import com.sun.net.httpserver.HttpContext;
 import com.sun.net.httpserver.HttpHandler;
 import com.sun.net.httpserver.HttpPrincipal;
 
+/**
+ * An {@link HttpServlet} which integrates an {@link HttpContext} and its
+ * {@link Authenticator} in a servlet container.
+ */
 public class HttpContextServlet extends HttpServlet {
 	private static final long serialVersionUID = 2321612280413662738L;
 
@@ -24,6 +31,8 @@ public class HttpContextServlet extends HttpServlet {
 	@Override
 	protected void service(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
 		try (ServletHttpExchange httpExchange = new ServletHttpExchange(httpContext, req, resp)) {
+			ServletHttpSession httpSession = new ServletHttpSession(req.getSession());
+			httpExchange.setAttribute(RemoteAuthSession.class.getName(), httpSession);
 			Authenticator authenticator = httpContext.getAuthenticator();
 			if (authenticator != null) {
 				Authenticator.Result authenticationResult = authenticator.authenticate(httpExchange);
@@ -31,10 +40,14 @@ public class HttpContextServlet extends HttpServlet {
 					HttpPrincipal httpPrincipal = ((Authenticator.Success) authenticationResult).getPrincipal();
 					httpExchange.setPrincipal(httpPrincipal);
 				} else if (authenticationResult instanceof Authenticator.Retry) {
-					resp.setStatus(((Authenticator.Retry) authenticationResult).getResponseCode());
+					httpExchange.sendResponseHeaders((((Authenticator.Retry) authenticationResult).getResponseCode()),
+							-1);
+					resp.flushBuffer();
 					return;
 				} else if (authenticationResult instanceof Authenticator.Failure) {
-					resp.setStatus(((Authenticator.Failure) authenticationResult).getResponseCode());
+					httpExchange.sendResponseHeaders(((Authenticator.Failure) authenticationResult).getResponseCode(),
+							-1);
+					resp.flushBuffer();
 					return;
 				} else {
 					throw new UnsupportedOperationException(
@@ -46,5 +59,4 @@ public class HttpContextServlet extends HttpServlet {
 			httpHandler.handle(httpExchange);
 		}
 	}
-
 }