On 28/08/12 07:43, mayankeagle wrote:
I also noticed that in the response to /authorize/decision, my Java client
receives a<replyTo> field that contains the value
/services/authorize/decision/decision
Not sure why /decision is appearing 2 times here, because it appears only
once in my request URL.
The reason you see it twice is that the code is a bit lax and presumes
it's an initial authorization request if no session token is available
and thus takes the current URI and appends 'decision' to it.
I think the code has to be tightened a bit and do not generate a new
session token if none available in the user decision request and throw
an exception - will get that fixed.
Sergey
--
View this message in context:
http://cxf.547215.n5.nabble.com/OAuth-1-0-in-CXF-2-6-2-tp5713150p5713191.html
Sent from the cxf-user mailing list archive at Nabble.com.
