diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImpl.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImpl.java index a12632b3e..1ebdd7a6d 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImpl.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImpl.java @@ -404,7 +404,7 @@ public void delete(String resourceId) throws ForbiddenException, EntityNotFoundE @Override public Iterable getAllDisabledAndNotOwnedByAdmin() throws ForbiddenException { if (!userService.currentUserIsAdmin()) { - throw new ForbiddenException("You are not authorized to perform the requested operation."); + throw new ForbiddenException(); } return entityDescriptorRepository.findAllDisabledAndNotOwnedByAdmin().map(ed -> createRepresentationFromDescriptor(ed)).collect(Collectors.toList()); } @@ -464,7 +464,7 @@ public EntityDescriptor getEntityDescriptorByResourceId(String resourceId) throw throw new EntityNotFoundException(String.format("The entity descriptor with entity id [%s] was not found.", resourceId)); } if (!userService.isAuthorizedFor(ed.getGroup())) { - throw new ForbiddenException("You are not authorized to perform the requested operation."); + throw new ForbiddenException(); } return ed; } @@ -778,7 +778,7 @@ public EntityDescriptorRepresentation update(EntityDescriptorRepresentation edRe throw new ForbiddenException("You do not have the permissions necessary to enable this service."); } if (!userService.isAuthorizedFor(existingEd.getGroup())) { - throw new ForbiddenException("You are not authorized to perform the requested operation."); + throw new ForbiddenException(); } // Verify we're the only one attempting to update the EntityDescriptor if (edRep.getVersion() != existingEd.hashCode()) {