[
https://issues.apache.org/jira/browse/SHINDIG-580?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12630636#action_12630636
]
Louis Ryan commented on SHINDIG-580:
------------------------------------
A chain of servlet filters would certainly work as well but it would introduce
some degree of duplication and the need to configure the filters in web.xml as
opposed to using Guice. See attached patch for alternate.
> Authentication filter doesnt distinguish between no authentication and
> invalid authentication
> ---------------------------------------------------------------------------------------------
>
> Key: SHINDIG-580
> URL: https://issues.apache.org/jira/browse/SHINDIG-580
> Project: Shindig
> Issue Type: Improvement
> Components: Common Components (Java)
> Reporter: Louis Ryan
> Assignee: Louis Ryan
> Attachments: BetterAuthErrorHandling.patch
>
>
> The current mechanism implementation does'nt allow for the distinction
> between an unspecificed authentication mechanism and a specified but
> malformed one.
> Some authentication handlers may also need to initiate additional
> authentication steps via redirects & headers before allowing further access.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
