>>> snip snap > > So my suggestion is to make a tiny enhancement to the > > AuthenticationInfoPostProcessor and to abandon my patch with > > the CredentialsValidator. > > I would let the postProcess method throw an exception in which > > case Sling should abort the request dispatching. Because in this > > case AuthenticationInfoPostProcessor is much more generic than > > the CrednetialsValidator (which should only validate credentials) > > Sling can't handle the Exception in a predefined manner, that means > > the AuthenticationInfoPostProcessor has to forward to a login or > > whatever in case of en error. > > This is fine with me. It is just a matter of adding "throws Exception" > to the postProcess() method? Or did you have a specific exception in > mind? > > Justin
I'm fine with just a plain Exception. But we also have to make a small change in the SlingAuthenticator to catch the Exception and return false in the handleSecurity method. I will prepare a patch and attach it to SLING-1593. best regards mike
