Author: asanso Date: Tue May 23 08:44:44 2017 New Revision: 1795883 URL: http://svn.apache.org/viewvc?rev=1795883&view=rev Log: SLING-6053 - SlingAuthenticator identifies wrong sibling node with AuthenticationInfo
Modified: sling/site/trunk/content/documentation/the-sling-engine/authentication/authentication-framework.mdtext Modified: sling/site/trunk/content/documentation/the-sling-engine/authentication/authentication-framework.mdtext URL: http://svn.apache.org/viewvc/sling/site/trunk/content/documentation/the-sling-engine/authentication/authentication-framework.mdtext?rev=1795883&r1=1795882&r2=1795883&view=diff ============================================================================== --- sling/site/trunk/content/documentation/the-sling-engine/authentication/authentication-framework.mdtext (original) +++ sling/site/trunk/content/documentation/the-sling-engine/authentication/authentication-framework.mdtext Tue May 23 08:44:44 2017 @@ -78,11 +78,14 @@ The values set on the *Authentication Re **Examples** -* The `LoginServlet` contained in the Sling Auth Core bundle registers itself with the service registration property `sling.auth.requirements = "-/system/sling/login"` to ensure the servlet can be accessed without requiring authentication. The following request urls would work then without authentication: +* The `LoginServlet` contained in the Sling Auth Core bundle registers itself with the service registration property `sling.auth.requirements = "-/system/sling/login"` to ensure the servlet can be accessed without requiring authentication (checks for `slash` or `dot` or `end of string`). The following request urls would work then without authentication: * /system/sling/login * /system/sling/login.html * /system/sling/login/somesuffix - * /system/sling/login-test (if this is not desired, you have to use a restriction like this: `sling.auth.requirements = "-/system/sling/login"`) + + While the following request will still require authentication + + * /system/sling/login-test * An authentication handler may register itself with the service registration property `sling.auth.requirements = "-/apps/sample/loginform"` to ensure the login form can be rendered without requiring authentication.