I'm using 1.0, so this may already be fixed in 1.1, but a quick search of
the list didn't turn up anything, so I thought I'd ask.
I'm using Basic HTTP Auth, and I've implemented a subclass of Guard, wherein
I've overridden doHandle(). I know that's not the recommended approach, but
I don't think it's relevant to this question.
I keep seeing entries in my logs that look like this:
Sep 11, 2008 6:02:50 PM com.noelios.restlet.util.SecurityUtils parseResponse
INFO: Basic HTTP authentication succeeded: identifier=avif.
The thing is, this is even in cases where basic auth fails, in my Guard,
wherein I call challenge(response).
I think this log record is really just saying I was able to successfully
parse the Authorization header into a ChallengeResponse object, which is
good info, but: (A) it should be a FINE or FINER, not an INFO, and (B) the
message is misleading.
Does that make sense?
Thanks,
Avi
--
Avi Flax » Lead Technologist » Partner » Arc90 » http://arc90.com