Built-in HTTP Authentication Handler should use setStatus instead of sendError
------------------------------------------------------------------------------
Key: SLING-1742
URL: https://issues.apache.org/jira/browse/SLING-1742
Project: Sling
Issue Type: Bug
Components: Authentication
Affects Versions: Auth Core 1.0.2
Reporter: Felix Meschberger
Assignee: Felix Meschberger
Fix For: Auth Core 1.0.4
The requestCredentials method of the built-in HTTP may be called from within an
error handler. As such it should not call the HttpServletResponse.sendError
method because such a call will be ignored (to prevent error handler loops) and
thus the 401 status response will not be sent back.
Instead the requestCredentials method should just set the response status
before flushing the response.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
