Author: justin
Date: Wed Jun 23 00:11:04 2010
New Revision: 957088
URL: http://svn.apache.org/viewvc?rev=957088&view=rev
Log:
SLING-1570 - sending 401 on dropCredentials only if the Authorization header is
set
Modified:
sling/trunk/bundles/extensions/httpauth/src/main/java/org/apache/sling/httpauth/impl/AuthorizationHeaderAuthenticationHandler.java
Modified:
sling/trunk/bundles/extensions/httpauth/src/main/java/org/apache/sling/httpauth/impl/AuthorizationHeaderAuthenticationHandler.java
URL:
http://svn.apache.org/viewvc/sling/trunk/bundles/extensions/httpauth/src/main/java/org/apache/sling/httpauth/impl/AuthorizationHeaderAuthenticationHandler.java?rev=957088&r1=957087&r2=957088&view=diff
==============================================================================
---
sling/trunk/bundles/extensions/httpauth/src/main/java/org/apache/sling/httpauth/impl/AuthorizationHeaderAuthenticationHandler.java
(original)
+++
sling/trunk/bundles/extensions/httpauth/src/main/java/org/apache/sling/httpauth/impl/AuthorizationHeaderAuthenticationHandler.java
Wed Jun 23 00:11:04 2010
@@ -254,7 +254,9 @@ public class AuthorizationHeaderAuthenti
*/
public void dropCredentials(HttpServletRequest request,
HttpServletResponse response) {
- sendUnauthorized(response);
+ if (request.getHeader(HEADER_AUTHORIZATION) != null) {
+ sendUnauthorized(response);
+ }
}
/**
