[
https://issues.apache.org/jira/browse/SLING-1745?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Felix Meschberger resolved SLING-1745.
--------------------------------------
Fix Version/s: Auth Core 1.0.4
(was: Form Based Authentication 1.0.2)
Resolution: Fixed
Added integration tests from http://codereview.appspot.com/2252043 in Rev.
1001058.
> Do not redirect AJAX requests with expired cookie to login form
> ---------------------------------------------------------------
>
> Key: SLING-1745
> URL: https://issues.apache.org/jira/browse/SLING-1745
> Project: Sling
> Issue Type: Improvement
> Components: Authentication
> Affects Versions: Form Based Authentication 1.0.0
> Reporter: Felix Meschberger
> Assignee: Felix Meschberger
> Fix For: Auth Core 1.0.4
>
>
> Currently there are two reactions possible if a request is sent with an
> expired cookie: Either the cookie is just cleared (but ignored for
> authentication purposes) [the default] or the client is redirected to the
> login form.
> Both reactions are not necessairily usefull if an AJAX (or an application) is
> sending the request with the expired cookie. In this case a proper response
> would probably be more appropriate.
> See also the discussion at http://markmail.org/message/jwsvk6swnxvvfsyz
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
