users@jersey.java.net

[Jersey] Re: HTTP status code for Sess Expiration

From: Ryan Stewart <rds6235_at_gmail.com>
Date: Tue, 26 Apr 2011 13:15:39 -0500

That would depend a lot on how you're securing your app. In my particular
case, I don't use sessions to hold security info, but if I did and somebody
requested a resource without having valid auth info in the session, I'd
probably throw an exception. That would make Jersey return a response code
of 500 except that I'd write an ExceptionMapper for it and turn it into a
401, the appropriate response to an unauthenticated request to a secure
resource.

On Tue, Apr 26, 2011 at 12:29 PM, Arthur Yeo <artyyeo_at_gmail.com> wrote:

> All,
> What's the HTTP status code returned to the browser when a session expires
> in Jersey?
> --
> Arthur Y.
>