001package ca.uhn.fhir.rest.server.exceptions;
002
003import ca.uhn.fhir.rest.api.Constants;
004import ca.uhn.fhir.util.CoverageIgnore;
005
006/*
007 * #%L
008 * HAPI FHIR - Core Library
009 * %%
010 * Copyright (C) 2014 - 2021 Smile CDR, Inc.
011 * %%
012 * Licensed under the Apache License, Version 2.0 (the "License");
013 * you may not use this file except in compliance with the License.
014 * You may obtain a copy of the License at
015 *
016 *      http://www.apache.org/licenses/LICENSE-2.0
017 *
018 * Unless required by applicable law or agreed to in writing, software
019 * distributed under the License is distributed on an "AS IS" BASIS,
020 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
021 * See the License for the specific language governing permissions and
022 * limitations under the License.
023 * #L%
024 */
025
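/**
 * Represents an <b>HTTP 401 Client Unauthorized</b> response, which
 * means that the client needs to provide credentials, or has
 * provided invalid credentials.
 * <p>
 * For security failures, you should use
 * {@link AuthenticationException} if you want to indicate that the
 * user could not be authenticated (e.g. credential failures), also
 * known as an <b>authentication</b> failure.
 * You should use {@link ForbiddenOperationException} if you want to
 * indicate that the authenticated user does not have permission to
 * perform the requested operation, also known as an <b>authorization</b>
 * failure.
 * </p>
 * <p>
 * Note that a complete list of RESTful exceptions is available in the <a href="./package-summary.html">Package
 * Summary</a>.
 * </p>
 */
@CoverageIgnore
public class AuthenticationException extends BaseServerResponseException {

        /** HTTP status code reported by every instance of this exception (401). */
        public static final int STATUS_CODE = Constants.STATUS_HTTP_401_CLIENT_UNAUTHORIZED;

        private static final long serialVersionUID = 1L;

        /**
         * Creates the exception with the fixed message <code>"Client unauthorized"</code>.
         */
        public AuthenticationException() {
                super(STATUS_CODE, "Client unauthorized");
        }

        /**
         * Creates the exception with a caller-supplied message.
         *
         * @param theMessage
         *           The message handed to the superclass constructor.
         *           NOTE(review): presumably this text can end up in the response sent to the client, so
         *           keep it generic (do not reveal which part of the credentials failed) - confirm against
         *           {@link BaseServerResponseException}.
         */
        public AuthenticationException(String theMessage) {
                super(STATUS_CODE, theMessage);
        }

        /**
         * Creates the exception with a caller-supplied message and an underlying cause.
         *
         * @param theMessage
         *           The message handed to the superclass constructor (see the note on
         *           {@link #AuthenticationException(String)})
         * @param theCause
         *           The underlying cause, handed to the superclass constructor
         */
        public AuthenticationException(String theMessage, Throwable theCause) {
                super(STATUS_CODE, theMessage, theCause);
        }

        /**
         * Adds a <code>WWW-Authenticate</code> header to the response, of the form:<br/>
         * <code>WWW-Authenticate: Basic realm="theRealm"</code>
         * <p>
         * The realm is emitted as an HTTP quoted-string: double quotes and backslashes are
         * backslash-escaped, and control characters (including CR and LF) are replaced by a
         * space, so a realm value can neither terminate the quoted string early nor start a
         * new header line. Realms without such characters produce exactly the header shown above.
         * </p>
         * <p>
         * The <code>Basic</code> scheme carries credentials in an easily reversible encoding, so this
         * challenge should only be offered over a protected transport such as TLS.
         * </p>
         *
         * @param theRealm
         *           The realm name to advertise. A <code>null</code> value is rendered as the text
         *           <code>null</code>.
         * @return Returns a reference to <code>this</code> for easy method chaining
         */
        public AuthenticationException addAuthenticateHeaderForRealm(String theRealm) {
                addResponseHeader("WWW-Authenticate", "Basic realm=\"" + escapeForQuotedString(theRealm) + "\"");
                return this;
        }

        /**
         * Escapes a value so that it can be placed between the double quotes of an HTTP quoted-string.
         */
        private static String escapeForQuotedString(String theValue) {
                // String concatenation in the original rendered null as "null"; keep that behaviour.
                String value = String.valueOf(theValue);
                StringBuilder escaped = new StringBuilder(value.length() + 8);
                for (int i = 0; i < value.length(); i++) {
                        char next = value.charAt(i);
                        if (next == '"' || next == '\\') {
                                // quoted-pair: a backslash makes the following character literal
                                escaped.append('\\').append(next);
                        } else if ((next < 0x20 && next != '\t') || next == 0x7F) {
                                // CR, LF and other control characters must never reach a header value
                                escaped.append(' ');
                        } else {
                                escaped.append(next);
                        }
                }
                return escaped.toString();
        }

}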