[ https://issues.apache.org/jira/browse/SLING-11998?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17754507#comment-17754507 ]
Juerg Meier commented on SLING-11998: ------------------------------------- [~rombert] The version used is the offical Sling12 "LTS" download from [https://sling.apache.org/downloads.cgi,] docker image (oak tar). According to MANIFEST.MF of the org.apache.sling.feature.launcher.jar, this is Implementation-Version: 1.1.26 . > SlingPostServlet responds with wrong status code upon Oak Access error > ---------------------------------------------------------------------- > > Key: SLING-11998 > URL: https://issues.apache.org/jira/browse/SLING-11998 > Project: Sling > Issue Type: Bug > Components: Engine > Environment: Sling 12 > Reporter: Juerg Meier > Priority: Major > > In Sling 12, the SlingPostServlet sends back a HTTP status 422 Invalid > Payload if the underlying OAK persistence layer reports an access error to a > resource. > The correct response code is HTTP 403 Forbidden: > ??The request contained valid data and was understood by the server, but the > server is refusing action. This may be due to the user not having the > necessary permissions for a resource...?? > This is exactly opposite to 422, which indicates that the payload is > erroneous. This misleads subsequent debugging efforts. Additionally, this > error is not logged with launcher/error.log. -- This message was sent by Atlassian Jira (v8.20.10#820010)