Improved multi Proxy DNSLocator based
[aaf/authz.git] / auth / auth-service / src / main / java / org / onap / aaf / auth / service / api / API_Creds.java
index a8830c9..fbc1baa 100644 (file)
@@ -100,7 +100,7 @@ public class API_Creds {
                                 if (cv.validate(bp.getName(), Type.PASSWORD, bp.getCred(), null) ) {
                                     resp.setStatus(HttpStatus.OK_200);
                                 } else {
-                                    resp.setStatus(HttpStatus.FORBIDDEN_403);
+                                    resp.setStatus(HttpStatus.UNAUTHORIZED_401);
                                 }
                             }
                         } else {
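Review bot: The new `resp.setStatus(HttpStatus.UNAUTHORIZED_401)` on the failed `cv.validate(...)` branch sends a 401 with no `WWW-Authenticate` challenge in the visible lines, which HTTP requires on a 401 and which some clients rely on to retry. Unless a filter outside this hunk adds the header (the enclosing handler starts and ends outside it), set it next to the status, e.g. `resp.setHeader("WWW-Authenticate", "Basic realm=\"<realm placeholder>\"");`. A later hunk in this file keeps the comment "Can't do "401", because that is on the call itself" and returns a different code for a failed match. A one-line comment here saying why 401 is correct for this route would stop the two from looking contradictory.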
@@ -112,7 +112,6 @@ public class API_Creds {
                                         decoded.substring(0,colon), 
                                         CredVal.Type.PASSWORD , 
                                         decoded.substring(colon+1).getBytes(),trans)) {
-                                    
                                     resp.setStatus(HttpStatus.OK_200);
                                 } else {
                                     // DME2 at this version crashes without some sort of response
@@ -144,14 +143,16 @@ public class API_Creds {
                     AuthzTrans trans, 
                     HttpServletRequest req,
                     HttpServletResponse resp) throws Exception {
-                
+                // will be a valid Entity.  Do we need to add permission
+               //if(trans.fish("ns","password","request")) or the like
                 Result<Date> r = context.doesCredentialMatch(trans, req, resp);
                 if (r.isOK()) {
                     resp.setStatus(HttpStatus.OK_200);
                 } else {
                     // For Security, we don't give any info out on why failed, other than forbidden
                     // Can't do "401", because that is on the call itself
-                    resp.setStatus(HttpStatus.FORBIDDEN_403);
+                       // 403 Implies you MAY NOT Ask.
+                    resp.setStatus(HttpStatus.NOT_ACCEPTABLE_406);
                 }
             }
         });  
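Review bot: The comment added at the top of `handle()` leaves the authorization question open (`//if(trans.fish("ns","password","request")) or the like`), while the handler goes straight to `context.doesCredentialMatch(trans, req, resp)`. In the visible lines, any caller that reaches this route can therefore have a credential checked. If that is not gated elsewhere (the route registration and `doesCredentialMatch` are outside the hunk), an unrestricted match endpoint can be used to guess credentials, so the permission check should be decided in this change or recorded as a tracked TODO rather than left as commented-out code. Separately, the retained comment still says "other than forbidden" although the status is now `NOT_ACCEPTABLE_406`, a code that HTTP defines for content negotiation. Rewording it to something like `// 403 would imply the caller may not ask; 406 is returned for a non-matching credential` would document the deliberate choice for client authors.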
@@ -194,7 +195,8 @@ public class API_Creds {
          */
         authzAPI.route(POST,"/authn/cred",API.CRED_REQ,new Code(facade,"Add a New ID/Credential", true) {
             @Override
-            public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {                Result<Void> r = context.createUserCred(trans, req);
+            public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {                
+                Result<Void> r = context.createUserCred(trans, req);
                 if (r.isOK()) {
                     resp.setStatus(HttpStatus.CREATED_201);
                 } else {