Internal Server Error if anonymous login is disabled but no authentication
handler may be used
----------------------------------------------------------------------------------------------
Key: SLING-1307
URL: https://issues.apache.org/jira/browse/SLING-1307
Project: Sling
Issue Type: Bug
Components: Commons
Reporter: Felix Meschberger
Assignee: Felix Meschberger
Fix For: Commons Auth 1.0.0
If anonymous access is disabled by configuration, but no authentication handler
can be selected to authenticate the request, an Internal Server error is sent
back to the client and a stack trace is logged :
20.01.2010 16:54:38 *MARK * servletengine: Servlet threw exception:
org.apache.sling.commons.auth.NoAuthenticationHandlerException
at
org.apache.sling.commons.auth.impl.SlingAuthenticator.login(SlingAuthenticator.java:372)
at
org.apache.sling.commons.auth.impl.SlingAuthenticator.getAnonymousSession(SlingAuthenticator.java:560)
at
org.apache.sling.commons.auth.impl.SlingAuthenticator.handleSecurity(SlingAuthenticator.java:296)
at
org.apache.sling.engine.impl.SlingMainServlet.handleSecurity(SlingMainServlet.java:817)
at
org.apache.felix.http.base.internal.context.ServletContextImpl.handleSecurity(ServletContextImpl.java:224)
at
org.apache.felix.http.base.internal.handler.ServletHandler.doHandle(ServletHandler.java:86)
at
org.apache.felix.http.base.internal.handler.ServletHandler.handle(ServletHandler.java:77)
The login method is defined to throw a NoAuthenticationHandlerException if no
authentication handler can be found to handle the request. This exception must
be caught by the getAnonymousSession method and converted into a sensible error
such as 403/FORBIDDEN.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
