Thanks, Thierry. I created a JIRA issue: http://jira.nuxeo.org/browse/NXP-3317
Would you suspect this is something that would be fixed for 5.2.0-GA? Regards, Mike -----Original Message----- From: tdelprat [mailto:[email protected]] Sent: Wed 3/25/2009 2:24 PM To: Santy, Michael; [email protected] Subject: Re: [Ecm] Potential restlet authentication breakage in nuxeo > 5.2m3 Looks like a bug ... ----- Original Message ----- From: [email protected] <[email protected]> To: [email protected] <[email protected]> Sent: Wed Mar 25 20:15:58 2009 Subject: [Ecm] Potential restlet authentication breakage in nuxeo > 5.2m3 Hello, I've noticed that in all versions of Nuxeo > 5.2m3, restlets do not seem to challenge clients with HTTP basic properly. I initially thought that it may be a configuration change needed in my custom restlets, but I was able to duplicate it with the locking restlet delivered with Nuxeo. To reproduce: 1) login to a plain vanilla Nuxeo, create a file document, and not the file's docid. 2) Test the lock status in the browser by visiting: http://localhost:8080/nuxeo/restAPI/default/${docid}/Locking/status This seems to work just fine because your existing credentials are being used. 3) Open a different browser (or use curl/wget) and visit the same URL. In nuxeo 5.2.0m3, you are properly challenged for HTTP basic credentials (status 401). In 5.2.0m4 or 5.2.0RC1, you are sent a redirect (status 302) to the login page. Is this change intentional and I need to update some configuration file, or is it just a bug that needs fixing? If anyone has a workaround, I would be very grateful. Thanks, Mike
_______________________________________________ ECM mailing list [email protected] http://lists.nuxeo.com/mailman/listinfo/ecm To unsubscribe, go to http://lists.nuxeo.com/mailman/options/ecm
