Uploaded image for project: 'Magnolia'
  1. Magnolia
  2. MAGNOLIA-3104

Feedback for authorization failures

    XMLWordPrintable

Details

    • Improvement
    • Resolution: Won't Do
    • Major
    • None
    • 4.3
    • security
    • None

    Description

      Authorization failures issued by info.magnolia.cms.security.URISecurityFilter#isAuthorized are only logged at debug level. After failure a login form is shown to the user which says nothing about why access to a certain resource has been denied and rather let them think that something was wrong with their username/password. It would be nice to give visual feedback in the login form also for this kind of errors, as it is done for authentication failures (e.g. wrong password).

      Checklists

        Acceptance criteria

        Attachments

          Issue Links

            Activity

              People

                pbaerfuss Philipp Bärfuss
                fgrilli Federico Grilli
                Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                Dates

                  Created:
                  Updated:
                  Resolved:

                  Checklists

                    Task DoD