Authenticator which will return 401 unauthorized on bad credentials and not execute system authenticators

Question

Is it possible to write custom authenticator that will:

1) Has top priority (executed first) - YES

2) Be executed only when certian header will be present in the request - YES

3) Return 401 Unauthorized if credentials will be wrong AND respond to the user immedietally without executing system authenciators (HTTP BASIC etc) - ???

keriw · Accepted Answer

you can have it do custom checks as the first part of your authenticator and if your custom checks fail you should be able to then use

httpResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED, "your message goes here");

Sign up

Please use your PTC eSupport account.

Welcome to the PTC Community

Please use your PTC eSupport account.

Scanning file for viruses.

This file cannot be downloaded