svn commit: r1795883 - /sling/site/trunk/content/documentation/the-sling-engine/authentication/authentication-framework.mdtext

Tue, 23 May 2017 01:45:07 -0700 

Author: asanso
Date: Tue May 23 08:44:44 2017
New Revision: 1795883

URL: http://svn.apache.org/viewvc?rev=1795883&view=rev
Log:
SLING-6053 - SlingAuthenticator identifies wrong sibling node with 
AuthenticationInfo

Modified:
    
sling/site/trunk/content/documentation/the-sling-engine/authentication/authentication-framework.mdtext

Modified: 
sling/site/trunk/content/documentation/the-sling-engine/authentication/authentication-framework.mdtext
URL: 
http://svn.apache.org/viewvc/sling/site/trunk/content/documentation/the-sling-engine/authentication/authentication-framework.mdtext?rev=1795883&r1=1795882&r2=1795883&view=diff
==============================================================================
--- 
sling/site/trunk/content/documentation/the-sling-engine/authentication/authentication-framework.mdtext
 (original)
+++ 
sling/site/trunk/content/documentation/the-sling-engine/authentication/authentication-framework.mdtext
 Tue May 23 08:44:44 2017
@@ -78,11 +78,14 @@ The values set on the *Authentication Re
 
 **Examples**
 
-* The `LoginServlet` contained in the Sling Auth Core bundle registers itself 
with the service registration property `sling.auth.requirements = 
"-/system/sling/login"` to ensure the servlet can be accessed without requiring 
authentication. The following request urls would work then without 
authentication:
+* The `LoginServlet` contained in the Sling Auth Core bundle registers itself 
with the service registration property `sling.auth.requirements = 
"-/system/sling/login"` to ensure the servlet can be accessed without requiring 
authentication (checks for `slash` or `dot` or `end of string`). The following 
request urls would work then without authentication:
     * /system/sling/login
     * /system/sling/login.html
     * /system/sling/login/somesuffix
-    * /system/sling/login-test (if this is not desired, you have to use a 
restriction like this: `sling.auth.requirements = "-/system/sling/login"`)
+    
+  While the following request will still require authentication 
+  
+    * /system/sling/login-test 
 
 * An authentication handler may register itself with the service registration 
property `sling.auth.requirements = "-/apps/sample/loginform"` to ensure the 
login form can be rendered without requiring authentication.

Reply via email to