[
https://issues.apache.org/jira/browse/SHINDIG-935?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12680164#action_12680164
]
Justin Mitchell edited comment on SHINDIG-935 at 3/9/09 8:03 AM:
-----------------------------------------------------------------
When there is a failure because of an invalid token the whole requests fails
before the batched requests are split up. Setting the http code to 401 in the
response causes the javascript on the client side to give all the batched
requests an authorisation failure error which I think is probably the correct
behaviour, since none of the batched requests can succeed because they share
the same token.
I agree it doesn't make sense to apply this error reporting to individual
batched requests in the batch, only when the entire request fails for the same
reason, such as in the case of an invalid token.
I am using it this way at the moment and seems to work fine :)
was (Author: mitcheju):
When there is a failure because of an invalid token the whole requests
fails before the batched requests are split up. Setting the http code to 401 in
the response causes the javascript on the client side to give all the batched
requests an authorisation failure error which I think is probably the correct
behaviour, since none of the batched requests can succeed because they share
the same token.
I am using it this way at the moment and seems to work fine :)
> Gadget authentication failure causes javascript error in jsonrpccontainer.js
> -----------------------------------------------------------------------------
>
> Key: SHINDIG-935
> URL: https://issues.apache.org/jira/browse/SHINDIG-935
> Project: Shindig
> Issue Type: Bug
> Components: PHP
> Affects Versions: trunk
> Reporter: Justin Mitchell
> Priority: Minor
>
> When a RPC call is made to the server, JsonRpcServlet checks the security
> token, if the token is null an error is returned to the client in the form of
> a json message i.e. {"code":401,"message":"The request did not have a proper
> security token nor oauth message and unauthenticated
> requests are not allowed"}}. When sendResponse in jsonrpccontainer.js is
> called there is an error on this line: if (request.key && response.id !=
> request.key) { because the response object is undefined.
> To stop this error occurring and for an error to be returned to the caller, I
> set the HTTP header in JsonRpcServlet to return HTTP status code 401. This
> causes the function hadError in io.js to call sendResponse with the errors
> array of the result set, which stops the above code being called and in turn
> calls JsonRpcContainer.generateErrorResponse. So in the end an error is
> returned to the callback function.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
