[
https://issues.apache.org/jira/browse/SLING-2443?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13237627#comment-13237627
]
Felix Meschberger commented on SLING-2443:
------------------------------------------
Yes, if the sendError is used, 401 is just like any other error and is handled
by the error handling script.
The problem is, that 401 should not be sent to the client using sendError but
using setStatus and committing the response to make sure the client gets the
authentication requets.
> Missing WWW-Authenticate header on OPTIONS request with trunk
> servlets.resolver bundle
> --------------------------------------------------------------------------------------
>
> Key: SLING-2443
> URL: https://issues.apache.org/jira/browse/SLING-2443
> Project: Sling
> Issue Type: Bug
> Components: Servlets
> Reporter: Bertrand Delacretaz
>
> Running the launchpad/builder standalone jar from the trunk correctly returns
> an WWW-Authenticate header on an OPTIONS request with no credentials:
> $ curl -D - -X OPTIONS http://localhost:8080/
> HTTP/1.1 401 Unauthorized
> WWW-Authenticate: Basic realm="Jackrabbit Webdav Server"
> Content-Type: ...
> But if I replace the org.apache.sling.servlets.resolver 2.1.0 bundle that's
> in there with the latest snapshot (revision 1302994) that header is missing:
> it gets removed by the response.reset() call in
> DefaultErrorHandlerServlet.sendIntro(...), which makes it impossible to
> connect with WebDAV.
> That response.reset() call was not present in 2.1.0.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
