For the first time, in struts application development I'm using roles
attribute from action-mapping.
I found something weird in method processRoles on the class RequestProcessor:
response.sendError(HttpServletResponse.SC_BAD_REQUEST,
getInternal().getMessage("notAuthorized",
mapping.getPath()));
IMHO it will be more correct to send a HttpServletResponse.SC_UNAUTHORIZED.
BTW, I'm using struts 1.1
What do you think?
What was the reason to send BAD_REQUEST (error code 400) instead of
UNAUTHORIZED (error code 401)?
Thanks in advance,
Jo�o
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
