You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@sling.apache.org by as...@apache.org on 2017/05/23 08:44:44 UTC

svn commit: r1795883 - /sling/site/trunk/content/documentation/the-sling-engine/authentication/authentication-framework.mdtext

Author: asanso
Date: Tue May 23 08:44:44 2017
New Revision: 1795883

URL: http://svn.apache.org/viewvc?rev=1795883&view=rev
Log:
SLING-6053 - SlingAuthenticator identifies wrong sibling node with AuthenticationInfo

Modified:
    sling/site/trunk/content/documentation/the-sling-engine/authentication/authentication-framework.mdtext

Modified: sling/site/trunk/content/documentation/the-sling-engine/authentication/authentication-framework.mdtext
URL: http://svn.apache.org/viewvc/sling/site/trunk/content/documentation/the-sling-engine/authentication/authentication-framework.mdtext?rev=1795883&r1=1795882&r2=1795883&view=diff
==============================================================================
--- sling/site/trunk/content/documentation/the-sling-engine/authentication/authentication-framework.mdtext (original)
+++ sling/site/trunk/content/documentation/the-sling-engine/authentication/authentication-framework.mdtext Tue May 23 08:44:44 2017
@@ -78,11 +78,14 @@ The values set on the *Authentication Re
 
 **Examples**
 
-* The `LoginServlet` contained in the Sling Auth Core bundle registers itself with the service registration property `sling.auth.requirements = "-/system/sling/login"` to ensure the servlet can be accessed without requiring authentication. The following request urls would work then without authentication:
+* The `LoginServlet` contained in the Sling Auth Core bundle registers itself with the service registration property `sling.auth.requirements = "-/system/sling/login"` to ensure the servlet can be accessed without requiring authentication (checks for `slash` or `dot` or `end of string`). The following request urls would work then without authentication:
     * /system/sling/login
     * /system/sling/login.html
     * /system/sling/login/somesuffix
-    * /system/sling/login-test (if this is not desired, you have to use a restriction like this: `sling.auth.requirements = "-/system/sling/login"`)
+    
+  While the following request will still require authentication 
+  
+    * /system/sling/login-test 
 
 * An authentication handler may register itself with the service registration property `sling.auth.requirements = "-/apps/sample/loginform"` to ensure the login form can be rendered without requiring authentication.