Should be fixed now.
=> see http://hg.nuxeo.org/nuxeo/nuxeo-platform/rev/74887f718310
Santy, Michael a écrit :
Thanks, Thierry. I created a JIRA issue:
http://jira.nuxeo.org/browse/NXP-3317
Would you suspect this is something that would be fixed for 5.2.0-GA?
Regards,
Mike
-----Original Message-----
From: tdelprat [mailto:[email protected]]
Sent: Wed 3/25/2009 2:24 PM
To: Santy, Michael; [email protected]
Subject: Re: [Ecm] Potential restlet authentication breakage in nuxeo
> 5.2m3
Looks like a bug ...
----- Original Message -----
From: [email protected] <[email protected]>
To: [email protected] <[email protected]>
Sent: Wed Mar 25 20:15:58 2009
Subject: [Ecm] Potential restlet authentication breakage in nuxeo > 5.2m3
Hello,
I've noticed that in all versions of Nuxeo > 5.2m3, restlets do not
seem to
challenge clients with HTTP basic properly. I initially thought that
it may
be a configuration change needed in my custom restlets, but I was able to
duplicate it with the locking restlet delivered with Nuxeo. To reproduce:
1) login to a plain vanilla Nuxeo, create a file document, and not the
file's docid.
2) Test the lock status in the browser by visiting:
http://localhost:8080/nuxeo/restAPI/default/${docid}/Locking/status
This seems to work just fine because your existing credentials are being
used.
3) Open a different browser (or use curl/wget) and visit the same URL. In
nuxeo 5.2.0m3, you are properly challenged for HTTP basic credentials
(status 401). In 5.2.0m4 or 5.2.0RC1, you are sent a redirect (status
302)
to the login page.
Is this change intentional and I need to update some configuration
file, or
is it just a bug that needs fixing? If anyone has a workaround, I
would be
very grateful.
Thanks,
Mike
_______________________________________________
ECM mailing list
[email protected]
http://lists.nuxeo.com/mailman/listinfo/ecm
To unsubscribe, go to http://lists.nuxeo.com/mailman/options/ecm
