Commits

Sebastian Sdorra committed e75021b

fix wrong status codes with enabled anonymous access

Comments (0)

Files changed (2)

scm-core/src/main/java/sonia/scm/web/filter/BasicAuthenticationFilter.java

         logger.trace("could not find user send unauthorized");
       }
 
-      HttpUtil.sendUnauthorized(request, response);
+      handleUnauthorized(request, response, chain);
     }
     else
     {

scm-webapp/src/main/java/sonia/scm/filter/SecurityFilter.java

       {
         response.sendError(HttpServletResponse.SC_FORBIDDEN);
       }
+      else if (configuration.isAnonymousAccessEnabled())
+      {
+        response.sendError(HttpServletResponse.SC_FORBIDDEN);
+      }
       else
       {
         response.sendError(HttpServletResponse.SC_UNAUTHORIZED);