Details
-
Enhancement
-
Resolution: Done
-
Minor
-
None
-
None
Description
Follow up to ENTESB-10823.
For some Hawtio endpoints, if the user is not authenticated, a HTTP 403 Forbidden response is returned. However ServletHelpers.doForbidden forces the return of a JSON response, which is not very user friendly if someone hits a secured endpoint in a web browser.
It'd better to only return JSON if requested. E.g if application/json is present in the Accept header. Or via a URL parameter etc.