X-Git-Url: https://git.argeo.org/?a=blobdiff_plain;f=org.argeo.cms.ee%2Fsrc%2Forg%2Fargeo%2Fcms%2Fservlet%2Fhttpserver%2FHttpContextServlet.java;fp=org.argeo.cms.ee%2Fsrc%2Forg%2Fargeo%2Fcms%2Fservlet%2Fhttpserver%2FHttpContextServlet.java;h=b2f73944985e23210f267475f58193683b5829ad;hb=1d7058b30bd990cda7d4efc1c029501f05a07113;hp=c81bad7bc59c049ac31a9577308f913fa2d7fa4b;hpb=8eb1e5fbb1eecf788e882e52405d8d56b180811c;p=lgpl%2Fargeo-commons.git

diff --git a/org.argeo.cms.ee/src/org/argeo/cms/servlet/httpserver/HttpContextServlet.java b/org.argeo.cms.ee/src/org/argeo/cms/servlet/httpserver/HttpContextServlet.java
index c81bad7bc..b2f739449 100644
--- a/org.argeo.cms.ee/src/org/argeo/cms/servlet/httpserver/HttpContextServlet.java
+++ b/org.argeo.cms.ee/src/org/argeo/cms/servlet/httpserver/HttpContextServlet.java
@@ -7,6 +7,9 @@ import javax.servlet.http.HttpServlet;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
+import org.argeo.cms.auth.RemoteAuthSession;
+import org.argeo.cms.servlet.ServletHttpSession;
+
 import com.sun.net.httpserver.Authenticator;
 import com.sun.net.httpserver.HttpContext;
 import com.sun.net.httpserver.HttpHandler;
@@ -24,6 +27,8 @@ public class HttpContextServlet extends HttpServlet {
 	@Override
 	protected void service(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
 		try (ServletHttpExchange httpExchange = new ServletHttpExchange(httpContext, req, resp)) {
+			ServletHttpSession httpSession = new ServletHttpSession(req.getSession());
+			httpExchange.setAttribute(RemoteAuthSession.class.getName(), httpSession);
 			Authenticator authenticator = httpContext.getAuthenticator();
 			if (authenticator != null) {
 				Authenticator.Result authenticationResult = authenticator.authenticate(httpExchange);
@@ -31,10 +36,14 @@ public class HttpContextServlet extends HttpServlet {
 					HttpPrincipal httpPrincipal = ((Authenticator.Success) authenticationResult).getPrincipal();
 					httpExchange.setPrincipal(httpPrincipal);
 				} else if (authenticationResult instanceof Authenticator.Retry) {
-					resp.setStatus(((Authenticator.Retry) authenticationResult).getResponseCode());
+					httpExchange.sendResponseHeaders((((Authenticator.Retry) authenticationResult).getResponseCode()),
+							-1);
+					resp.flushBuffer();
 					return;
 				} else if (authenticationResult instanceof Authenticator.Failure) {
-					resp.setStatus(((Authenticator.Failure) authenticationResult).getResponseCode());
+					httpExchange.sendResponseHeaders(((Authenticator.Failure) authenticationResult).getResponseCode(),
+							-1);
+					resp.flushBuffer();
 					return;
 				} else {
 					throw new UnsupportedOperationException(
@@ -46,5 +55,4 @@ public class HttpContextServlet extends HttpServlet {
 			httpHandler.handle(httpExchange);
 		}
 	}
-
 }