[jira] [Closed] (SLING-7938) Add an option to prefer sending the reason_code as a request parameter over the reason text when redirecting to the login page

Robert Munteanu (JIRA) Fri, 19 Oct 2018 07:17:09 -0700


     [ 
https://issues.apache.org/jira/browse/SLING-7938?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Robert Munteanu closed SLING-7938.
----------------------------------

> Add an option to prefer sending the reason_code as a request parameter over 
> the reason text when redirecting to the login page
> ------------------------------------------------------------------------------------------------------------------------------
>
>                 Key: SLING-7938
>                 URL: https://issues.apache.org/jira/browse/SLING-7938
>             Project: Sling
>          Issue Type: Improvement
>          Components: Authentication
>    Affects Versions: Form Based Authentication 1.0.10
>            Reporter: Eric Norman
>            Assignee: Eric Norman
>            Priority: Major
>             Fix For: Form Based Authentication 1.0.12
>
>
> Add a config option to the form authentication handler to prefer sending the 
> reason_code as a request parameter instead of the reason text when 
> redirecting to the login page.
> Sending the reason code as a request parameter should be safer, especially if 
> your custom login page was echoing the reason text to the screen.  The custom 
> login page script can then calculate the reason text to show in the UI by 
> matching the reason codes against the well-known failure reason codes and 
> fallback to some default reason text for anything invalid.
>  
>  



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Closed] (SLING-7938) Add an option to prefer sending the reason_code as a request parameter over the reason text when redirecting to the login page

Reply via email to