Hello Matt,
I've entered on issue for this topic:
http://restlet.tigris.org/issues/show_bug.cgi?id=985
Thanks for your report.
Best regards,
Thierry Boileau
I've always thought that 401 Not Authorized was poorly chosen wording,
because it really says the same thing as 403 Forbidden.
I've always thought that 401 Not Authorized was poorly chosen wording,
because it really says the same thing as 403 Forbidden. However, the
requirement that a 401 status also MUST send a WWW-Authenticate header I think
in practice has led 401 to really mean Not Authenticated and 403 to really
Stephan, I did call a 204 an error, didn't I? I should know better.
I have done some digging and I think I see what's going on. The
unauthenticated() method in the abstract Authenticator class never sets
CLIENT_ERROR_UNAUTHORIZED in the response object. I don't know whether it
should or
Hi Matt,
maybe the reason is, that the status is set to 204, if there is no
entity (by Restlet). This must onky be done, if status is 200. Maybe
this check is missing. Try to check it with the debugger.
BTW: 204 is not an error, it means ok, but no entity available.
best regards
Stephan
I'm trying to implement a custom authenticator class and I'm a little stumped
by the behavior so far. When I override the authenticate() method to always
return false, I get back an HTTP 204 error. However, if I have it always
return true, then the request goes through correctly, so I think I
5 matches
Mail list logo