On 11/15/2013 8:14 AM, Darran Lofthouse wrote:
If the required tokens were not within the message then the
mechanism
should return NOT_ATTEMPTED.
If there are multiple mechanisms (or even a single mechanism) and
authentication is required but all the mechanisms return NOT_ATTEMPTED
then Undertow will take the decision to turn the request around and call
sendChallenge on each of them.
NOT_AUTHENTICATED means the mechanism saw 'something' in the incomming
requets and attempted to authenticate it but for some reason failed so
the message flow needs reversing and the challenges sending. This could
happen as an example if stale nonce is received in DIGEST.
Awesome. I misinterpreted how to pass back Outcomes. Returning
NOT_ATTEMPTED at the appropriate time seemed to fix this problem. I'll
close the JIRA.
THanks,
Bill
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com