diff --git a/projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/web/users/PasswordServlet.java b/projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/web/users/PasswordServlet.java
index a7979bbd3504a2a543f4c8245ac2879d13f09c1f..141a0ae06aff7ba1cd6b204b43fc60761cb1b2f3 100644
--- a/projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/web/users/PasswordServlet.java
+++ b/projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/web/users/PasswordServlet.java
@@ -97,7 +97,6 @@ public class PasswordServlet extends HttpServlet
public void doPost(final HttpServletRequest request, final HttpServletResponse response)
throws IOException
{
- response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
final long start = System.currentTimeMillis();
final ServletLogInfo logInfo = new ServletLogInfo(request);
log.info(logInfo.start());
@@ -106,7 +105,7 @@ public class PasswordServlet extends HttpServlet
final Subject subject = AuthenticationUtil.getSubject(request);
if ((subject == null) || (subject.getPrincipals(HttpPrincipal.class).isEmpty()))
{
- logInfo.setMessage("Missing subject");
+ logInfo.setMessage("Unauthorized subject");
response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
}
else
@@ -119,7 +118,6 @@ public class PasswordServlet extends HttpServlet
{
try
{
- response.setStatus(HttpServletResponse.SC_OK);
final Set<HttpPrincipal> webPrincipals =
subject.getPrincipals(HttpPrincipal.class);
@@ -174,6 +172,7 @@ public class PasswordServlet extends HttpServlet
log.error(message, t);
logInfo.setSuccess(false);
logInfo.setMessage(message);
+ response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
}
finally
{