[ https://issues.apache.org/jira/browse/SLING-7938?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Robert Munteanu closed SLING-7938. ---------------------------------- > Add an option to prefer sending the reason_code as a request parameter over > the reason text when redirecting to the login page > ------------------------------------------------------------------------------------------------------------------------------ > > Key: SLING-7938 > URL: https://issues.apache.org/jira/browse/SLING-7938 > Project: Sling > Issue Type: Improvement > Components: Authentication > Affects Versions: Form Based Authentication 1.0.10 > Reporter: Eric Norman > Assignee: Eric Norman > Priority: Major > Fix For: Form Based Authentication 1.0.12 > > > Add a config option to the form authentication handler to prefer sending the > reason_code as a request parameter instead of the reason text when > redirecting to the login page. > Sending the reason code as a request parameter should be safer, especially if > your custom login page was echoing the reason text to the screen. The custom > login page script can then calculate the reason text to show in the UI by > matching the reason codes against the well-known failure reason codes and > fallback to some default reason text for anything invalid. > > -- This message was sent by Atlassian JIRA (v7.6.3#76005)