[ https://issues.apache.org/jira/browse/SLING-1745?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Felix Meschberger resolved SLING-1745. -------------------------------------- Fix Version/s: Auth Core 1.0.4 (was: Form Based Authentication 1.0.2) Resolution: Fixed Added integration tests from http://codereview.appspot.com/2252043 in Rev. 1001058. > Do not redirect AJAX requests with expired cookie to login form > --------------------------------------------------------------- > > Key: SLING-1745 > URL: https://issues.apache.org/jira/browse/SLING-1745 > Project: Sling > Issue Type: Improvement > Components: Authentication > Affects Versions: Form Based Authentication 1.0.0 > Reporter: Felix Meschberger > Assignee: Felix Meschberger > Fix For: Auth Core 1.0.4 > > > Currently there are two reactions possible if a request is sent with an > expired cookie: Either the cookie is just cleared (but ignored for > authentication purposes) [the default] or the client is redirected to the > login form. > Both reactions are not necessairily usefull if an AJAX (or an application) is > sending the request with the expired cookie. In this case a proper response > would probably be more appropriate. > See also the discussion at http://markmail.org/message/jwsvk6swnxvvfsyz -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.