Do not redirect AJAX requests with expired cookie to login form
---------------------------------------------------------------
Key: SLING-1745
URL: https://issues.apache.org/jira/browse/SLING-1745
Project: Sling
Issue Type: Improvement
Components: Authentication
Affects Versions: Form Based Authentication 1.0.0
Reporter: Felix Meschberger
Assignee: Felix Meschberger
Fix For: Form Based Authentication 1.0.2
Currently there are two reactions possible if a request is sent with an expired
cookie: Either the cookie is just cleared (but ignored for authentication
purposes) [the default] or the client is redirected to the login form.
Both reactions are not necessairily usefull if an AJAX (or an application) is
sending the request with the expired cookie. In this case a proper response
would probably be more appropriate.
See also the discussion at http://markmail.org/message/jwsvk6swnxvvfsyz
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
