You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@sling.apache.org by Timothée Maret <ti...@gmail.com> on 2015/08/07 01:22:49 UTC

SlingAuthenticator and custom error handler

Hi,

I am working on an Authentication handler which should display an error
page in case the user fails to authenticate.
The error page should display the reason and should be customisable
(layout) by customers.

The errors are detected inside AuthenticationHandler#requestCredentials, if
a FAILURE_REASON attribute is set from
AuthenticationHandler#extractCredentials.
Returning a 403 from #requestCredentials does not triggers the Sling error
handling mechanism [0], instead, it outputs the reason both as X-* headers
and in the body.
Assuming a deployment behind a dispatcher, one could intercept this
response and build the custom page leveraging the reason in the headers.

However, there seems to be no way ATM to build the page in Sling.
Would it make sense to allow the SlingAuthenticator leverage the std Sling
error handling ?

Regards,

Timothee

[0]
https://sling.apache.org/documentation/the-sling-engine/errorhandling.html