You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@sling.apache.org by ju...@apache.org on 2010/06/23 02:11:04 UTC
svn commit: r957088 -
/sling/trunk/bundles/extensions/httpauth/src/main/java/org/apache/sling/httpauth/impl/AuthorizationHeaderAuthenticationHandler.java
Author: justin
Date: Wed Jun 23 00:11:04 2010
New Revision: 957088
URL: http://svn.apache.org/viewvc?rev=957088&view=rev
Log:
SLING-1570 - sending 401 on dropCredentials only if the Authorization header is set
Modified:
sling/trunk/bundles/extensions/httpauth/src/main/java/org/apache/sling/httpauth/impl/AuthorizationHeaderAuthenticationHandler.java
Modified: sling/trunk/bundles/extensions/httpauth/src/main/java/org/apache/sling/httpauth/impl/AuthorizationHeaderAuthenticationHandler.java
URL: http://svn.apache.org/viewvc/sling/trunk/bundles/extensions/httpauth/src/main/java/org/apache/sling/httpauth/impl/AuthorizationHeaderAuthenticationHandler.java?rev=957088&r1=957087&r2=957088&view=diff
==============================================================================
--- sling/trunk/bundles/extensions/httpauth/src/main/java/org/apache/sling/httpauth/impl/AuthorizationHeaderAuthenticationHandler.java (original)
+++ sling/trunk/bundles/extensions/httpauth/src/main/java/org/apache/sling/httpauth/impl/AuthorizationHeaderAuthenticationHandler.java Wed Jun 23 00:11:04 2010
@@ -254,7 +254,9 @@ public class AuthorizationHeaderAuthenti
*/
public void dropCredentials(HttpServletRequest request,
HttpServletResponse response) {
- sendUnauthorized(response);
+ if (request.getHeader(HEADER_AUTHORIZATION) != null) {
+ sendUnauthorized(response);
+ }
}
/**