You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@shindig.apache.org by "Ryan Baxter (JIRA)" <ji...@apache.org> on 2012/07/20 08:43:35 UTC

[jira] [Resolved] (SHINDIG-1818) Ambiguous error message when gadgets are not whitelisted

     [ https://issues.apache.org/jira/browse/SHINDIG-1818?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Ryan Baxter resolved SHINDIG-1818.
----------------------------------

       Resolution: Fixed
    Fix Version/s:     (was: 2.5.0-beta2)
                   2.5.0-beta3

Committed revision 1363665.
                
> Ambiguous error message when gadgets are not whitelisted
> --------------------------------------------------------
>
>                 Key: SHINDIG-1818
>                 URL: https://issues.apache.org/jira/browse/SHINDIG-1818
>             Project: Shindig
>          Issue Type: Improvement
>          Components: Java
>    Affects Versions: 2.5.0-beta2
>            Reporter: Marshall Shi
>            Priority: Minor
>             Fix For: 2.5.0-beta3
>
>         Attachments: 36831.patch
>
>   Original Estimate: 1h
>  Remaining Estimate: 1h
>
> In Shindig when using gadget whitelisting and feature access control, there are two error messages:
> 1. Gadget is not whitelisted:
> 403 The requested gadget is unavailable 
> 2. Gadget is requesting features that it does not have access too
> 400 The requested gadget is not authorized for this container
> The second error is perfect as it tells me that it has been rejected due to an authorization error AND that it may be config related (Type 400 response).
> The first error is ambiguous however, as it looks almost exactly the same as when the server that provides the gadget.xml is unavailable and / or rejects the request.  Please change (1) to something like:
> 	403 The requested gadget is not authorized for this container
> This will tell the user that the gadget is both not authorized and via the response code (403) that it is missing from the whitelist entirely.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira