You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@sling.apache.org by "Carsten Ziegeler (JIRA)" <ji...@apache.org> on 2010/12/20 15:51:06 UTC

[jira] Closed: (SLING-1745) Do not redirect AJAX requests with expired cookie to login form

     [ https://issues.apache.org/jira/browse/SLING-1745?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Carsten Ziegeler closed SLING-1745.
-----------------------------------


> Do not redirect AJAX requests with expired cookie to login form
> ---------------------------------------------------------------
>
>                 Key: SLING-1745
>                 URL: https://issues.apache.org/jira/browse/SLING-1745
>             Project: Sling
>          Issue Type: Improvement
>          Components: Authentication
>    Affects Versions: Form Based Authentication 1.0.0
>            Reporter: Felix Meschberger
>            Assignee: Felix Meschberger
>             Fix For: Auth Core 1.0.4
>
>
> Currently there are two reactions possible if a request is sent with an expired cookie: Either the cookie is just cleared (but ignored for authentication purposes) [the default] or the client is redirected to the login form.
> Both reactions are not necessairily usefull if an AJAX (or an application) is sending the request with the expired cookie. In this case a proper response would probably be more appropriate.
> See also the discussion at http://markmail.org/message/jwsvk6swnxvvfsyz

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.