Hi all,
I'm about to switch to form based authentication for some of my sites.
I deployed the org.apache.sling.auth.form bundle in version 1.0.2 as I
believe that later versions are not compatible with CRX 2.2.
After some config, the login form pops up and sends the two required
fields j_username and j_password. Unfortunately, the request gets never
approved. Instead, the error.log says the following:
... org.apache.sling.auth.core.impl.SlingAuthenticator
handleLoginFailure: Unable to authenticate jurg: null
Most likely, this is generated by SlingAuthenticator.handleLoginFailure():
} else if (reason instanceof LoginException) {
// request authentication information and send 403 (Forbidden)
// if no handler can request authentication information.
log.info("handleLoginFailure: Unable to authenticate {}: {}", user,
reason.getMessage());
This now raises the following questions:
- using basic authentication, login with the same credentials works fine. So
what's keeping form based authenticator from verifying the credentials properly?
- what causes the reason to be empty?
Thanks for any hint,
Juerg
