[
https://issues.apache.org/jira/browse/SLING-11998?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17754507#comment-17754507
]
Juerg Meier commented on SLING-11998:
-------------------------------------
[~rombert] The version used is the offical Sling12 "LTS" download from
[https://sling.apache.org/downloads.cgi,] docker image (oak tar). According to
MANIFEST.MF of the org.apache.sling.feature.launcher.jar, this is
Implementation-Version: 1.1.26 .
> SlingPostServlet responds with wrong status code upon Oak Access error
> ----------------------------------------------------------------------
>
> Key: SLING-11998
> URL: https://issues.apache.org/jira/browse/SLING-11998
> Project: Sling
> Issue Type: Bug
> Components: Engine
> Environment: Sling 12
> Reporter: Juerg Meier
> Priority: Major
>
> In Sling 12, the SlingPostServlet sends back a HTTP status 422 Invalid
> Payload if the underlying OAK persistence layer reports an access error to a
> resource.
> The correct response code is HTTP 403 Forbidden:
> ??The request contained valid data and was understood by the server, but the
> server is refusing action. This may be due to the user not having the
> necessary permissions for a resource...??
> This is exactly opposite to 422, which indicates that the payload is
> erroneous. This misleads subsequent debugging efforts. Additionally, this
> error is not logged with launcher/error.log.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
