Loading...

XML

Word

Printable

Type: Bug
Resolution: Fixed
Priority: Major
Fix Version/s: 4.5.3
Affects Version/s: 4.5.2
Component/s: security
Labels:
None

Template:
Acceptance criteria:

Empty

show more show less
Task DoD:

show more show less
Bug DoR:

show more show less

BasicAuthentication's prompting for credentials is only triggered when status is set to HttpServletResponse.SC_UNAUTHORIZED.
We should set status HttpServletResponse.SC_UNAUTHORIZED for anonymous user - HttpServletResponse.SC_FORBIDDEN else.

Acceptance criteria

is depended upon by

JRDVX-2 Figure out auth/callback issues

Resolved

is duplicated by

MAGNOLIA-4395 Security filters should set 401 or 403 more appropriately

Closed

is related to

MGNLWEBDAV-29 Authorization for WebDAV access is broken

Closed

MAGNOLIA-4397 ContentSecurityFilter#isAllowed does not set proper status code for anonymous user

Closed

Assignee:: Daniel Lipp

Reporter:: Daniel Lipp

Votes:: 0 Vote for this issue

Watchers:: 0 Start watching this issue

Created:: 25/Apr/12 1:13 PM

Updated:: 24/May/12 12:28 PM

Resolved:: 16/May/12 8:36 AM

Date of First Response:: 26/Apr/12 8:13 PM

Bug DoR

Task DoD

Details

Description

Checklists

Attachments

Issue Links

Activity

People

Dates

Checklists