Hi, I am working on an Authentication handler which should display an error page in case the user fails to authenticate. The error page should display the reason and should be customisable (layout) by customers.
The errors are detected inside AuthenticationHandler#requestCredentials, if a FAILURE_REASON attribute is set from AuthenticationHandler#extractCredentials. Returning a 403 from #requestCredentials does not triggers the Sling error handling mechanism [0], instead, it outputs the reason both as X-* headers and in the body. Assuming a deployment behind a dispatcher, one could intercept this response and build the custom page leveraging the reason in the headers. However, there seems to be no way ATM to build the page in Sling. Would it make sense to allow the SlingAuthenticator leverage the std Sling error handling ? Regards, Timothee [0] https://sling.apache.org/documentation/the-sling-engine/errorhandling.html
