[ https://issues.apache.org/jira/browse/SLING-1428?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12914451#action_12914451 ]
Justin Edelson commented on SLING-1428: --------------------------------------- > Reconsidering this, I think the "j_validate" functionality would be a nice > functionality to be added to the Sling Authenticator for use by all > authentication handlers. +1 > Failed Form Auth via AJAX Does not Return Status 403 > ---------------------------------------------------- > > Key: SLING-1428 > URL: https://issues.apache.org/jira/browse/SLING-1428 > Project: Sling > Issue Type: Bug > Components: Authentication > Affects Versions: Form Based Authentication 1.0.0 > Reporter: Jason Rose > Assignee: Felix Meschberger > Fix For: Form Based Authentication 1.0.2, Auth Core 1.0.4 > > > Posting: > j_username=<some gibberish> > j_password=<some gibberish> > j_validate=true > Returns status 200 and the HTML for the auth page. Looking at the > sessionInfo.json shows me that I'm authenticated as anonymous, as intended, > but the docs say I should have received a status code 403. > Authenticating as a known user does indeed work as intended. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.