You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@cxf.apache.org by "Sergey Beryozkin (Resolved) (JIRA)" <ji...@apache.org> on 2012/04/10 16:11:20 UTC

[jira] [Resolved] (CXF-4234) JAX-RS JAASAuthenticatingFilter leaks SecurityException

     [ https://issues.apache.org/jira/browse/CXF-4234?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Sergey Beryozkin resolved CXF-4234.
-----------------------------------

    Resolution: Fixed
    
> JAX-RS JAASAuthenticatingFilter leaks SecurityException
> -------------------------------------------------------
>
>                 Key: CXF-4234
>                 URL: https://issues.apache.org/jira/browse/CXF-4234
>             Project: CXF
>          Issue Type: Bug
>            Reporter: Sergey Beryozkin
>            Assignee: Sergey Beryozkin
>             Fix For: 2.5.3, 2.6
>
>
> JAASAuthenticatingFilter is a wrapper around JAASLoginInterceptor and is supposed to return 401 in case of the missing HTTP Authorization header or failed logins. At the moment it leaks SecurityException that JAASLoginInterceptor throws in case of missing (Basic) authorization data which results in the browser reporting 500 instead of popping up the Authenticate window

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira