From 2537b3d8eeda63eaa81182b6a33b672cf28a7797 Mon Sep 17 00:00:00 2001
From: Michael Jumper
Date: Mon, 20 Apr 2015 13:07:07 -0700
Subject: [PATCH] GUAC-1161: Request username/password if no user context is generated (backwards compat).
---
 .../net/basic/rest/auth/TokenRESTService.java | 21 +++++++++----------
 1 file changed, 10 insertions(+), 11 deletions(-)
diff --git a/guacamole/src/main/java/org/glyptodon/guacamole/net/basic/rest/auth/TokenRESTService.java b/guacamole/src/main/java/org/glyptodon/guacamole/net/basic/rest/auth/TokenRESTService.java
index c7f7da6e8..af7d01b9e 100644
--- a/guacamole/src/main/java/org/glyptodon/guacamole/net/basic/rest/auth/TokenRESTService.java
+++ b/guacamole/src/main/java/org/glyptodon/guacamole/net/basic/rest/auth/TokenRESTService.java
@@ -41,6 +41,8 @@ import org.glyptodon.guacamole.GuacamoleException;
 import org.glyptodon.guacamole.net.auth.AuthenticationProvider;
 import org.glyptodon.guacamole.net.auth.Credentials;
 import org.glyptodon.guacamole.net.auth.UserContext;
+import org.glyptodon.guacamole.net.auth.credentials.CredentialsInfo;
+import org.glyptodon.guacamole.net.auth.credentials.GuacamoleInvalidCredentialsException;
 import org.glyptodon.guacamole.net.basic.GuacamoleSession;
 import org.glyptodon.guacamole.net.basic.rest.APIRequest;
 import org.glyptodon.guacamole.net.basic.rest.AuthProviderRESTExposure;
@@ -233,15 +235,13 @@ public class TokenRESTService { } + // Request standard username/password if no user context was produced + if (userContext == null) + throw new GuacamoleInvalidCredentialsException("Permission Denied.", + CredentialsInfo.USERNAME_PASSWORD); + } - catch(GuacamoleException e) { - logger.error("Exception caught while authenticating user.", e); - throw new HTTPException(Status.INTERNAL_SERVER_ERROR, - "Unexpected server error."); - } - - // Authentication failed. - if (userContext == null) { + catch (GuacamoleException e) { // Log authentication failures with associated usernames if (username != null) { @@ -255,10 +255,9 @@ public class TokenRESTService { logger.debug("Anonymous authentication attempt from {} failed.", getLoggableAddress(request), username); - throw new HTTPException(Status.UNAUTHORIZED, "Permission Denied."); - + throw e; } - + // Update existing session, if it exists String authToken; if (existingSession != null) {
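Review bot: The rewritten `catch (GuacamoleException e)` treats every exception raised in the try block as a failed login, not only the `GuacamoleInvalidCredentialsException` thrown for a null `userContext`. The removed `logger.error(..., e)` was the only place the cause was logged, so a provider or backend fault is now recorded as an authentication failure at warn level, or only at debug level for anonymous requests, which hides outages and skews failed-login monitoring. The `throw e;` in the following hunk also replaces the fixed 401 and 500 responses, so the status and message that reach the client depend on exception handling outside this patch; it is worth confirming that messages from non-credential exceptions are not returned verbatim. Consider splitting the handler as below, widening the first clause if the project has a broader credential-failure type; the try block and the method signature start outside the hunk.

```java
        // Rejected or missing credentials: expected, log as a failed attempt
        catch (GuacamoleInvalidCredentialsException e) {
            // … unchanged: per-username / anonymous failure logging …
            throw e;
        }

        // Anything else is a provider or backend fault: keep the cause in the log
        catch (GuacamoleException e) {
            logger.error("Exception caught while authenticating user.", e);
            throw e;
        }
```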