You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@sling.apache.org by "Ian Boston (JIRA)" <ji...@apache.org> on 2015/02/12 10:58:12 UTC
[jira] [Commented] (SLING-4413) :applyTo should send 403 instead of
500 when operation fails
[ https://issues.apache.org/jira/browse/SLING-4413?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14317920#comment-14317920 ]
Ian Boston commented on SLING-4413:
-----------------------------------
I cant find the discussion on dev@sling.apache.org, so apologies if this was already discussed on list.
Is the only reason for a PersistenceException being thrown, AccessDenied or are there other reasons that should be report 500 ?
If PersistenceException is used for any issue persisting a change to the repository, (eg repository not available, corrupt, timed out), is there a way of distinguishing between a general internal server error and a genuine forbidden operation ?
The exception itself doesn't provide any more detailed information. (no sub classes)
https://sling.apache.org/apidocs/sling7/org/apache/sling/api/resource/PersistenceException.html
> :applyTo should send 403 instead of 500 when operation fails
> -------------------------------------------------------------
>
> Key: SLING-4413
> URL: https://issues.apache.org/jira/browse/SLING-4413
> Project: Sling
> Issue Type: Bug
> Components: Servlets
> Affects Versions: Servlets Post 2.3.6
> Reporter: Lars Krapf
> Priority: Minor
>
> Example:
> curl -vv curl -F":operation=delete" -F":applyTo=/etc/*" http://localhost:4502/content/geometrixx
> Will give you a 500 (PersistenceException) in case /etc/* is not writable to the request session - as discussed with Felix & Carsten this should rather be a 403.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)