Robert Newson created COUCHDB-3084: -------------------------------------- Summary: "authenticated" property is set even when no authentication occurs Key: COUCHDB-3084 URL: https://issues.apache.org/jira/browse/COUCHDB-3084 Project: CouchDB Issue Type: Bug Reporter: Robert Newson
The "authenticated" property from /_session should only appear when authentication has occurred. In 2.0 we extracted the 'admin party' handling into its own handler and this introduced the side-effect that all GET's to /_session are handled by an authentication handler. chttpd:maybe_set_handler makes the assumption that if a handler sets #httpd.user_ctx to a #user_ctx record that authentication has taken place. This is not always true. -- This message was sent by Atlassian JIRA (v6.3.4#6332)