I'm using 1.0, so this may already be fixed in 1.1, but a quick search of the list didn't turn up anything, so I thought I'd ask. I'm using Basic HTTP Auth, and I've implemented a subclass of Guard, wherein I've overridden doHandle(). I know that's not the recommended approach, but I don't think it's relevant to this question.
I keep seeing entries in my logs that look like this: Sep 11, 2008 6:02:50 PM com.noelios.restlet.util.SecurityUtils parseResponse INFO: Basic HTTP authentication succeeded: identifier=avif. The thing is, this is even in cases where basic auth fails, in my Guard, wherein I call challenge(response). I think this log record is really just saying "I was able to successfully parse the Authorization header into a ChallengeResponse object", which is good info, but: (A) it should be a FINE or FINER, not an INFO, and (B) the message is misleading. Does that make sense? Thanks, Avi -- Avi Flax » Lead Technologist » Partner » Arc90 » http://arc90.com
