[
https://issues.apache.org/jira/browse/SLING-1428?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12914451#action_12914451
]
Justin Edelson commented on SLING-1428:
---------------------------------------
> Reconsidering this, I think the "j_validate" functionality would be a nice
> functionality to be added to the Sling Authenticator for use by all
> authentication handlers.
+1
> Failed Form Auth via AJAX Does not Return Status 403
> ----------------------------------------------------
>
> Key: SLING-1428
> URL: https://issues.apache.org/jira/browse/SLING-1428
> Project: Sling
> Issue Type: Bug
> Components: Authentication
> Affects Versions: Form Based Authentication 1.0.0
> Reporter: Jason Rose
> Assignee: Felix Meschberger
> Fix For: Form Based Authentication 1.0.2, Auth Core 1.0.4
>
>
> Posting:
> j_username=<some gibberish>
> j_password=<some gibberish>
> j_validate=true
> Returns status 200 and the HTML for the auth page. Looking at the
> sessionInfo.json shows me that I'm authenticated as anonymous, as intended,
> but the docs say I should have received a status code 403.
> Authenticating as a known user does indeed work as intended.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
