[undertow-dev] AuthenticationMechanism, ChallengeResult and Response Code
Bill Burke
bburke at redhat.com
Mon Dec 16 11:24:03 EST 2013
FYI: For my case at least, I can co-exist with other Auth mechanisms, I
just need to be able to abort the sendChallenge loop and make sure I can
have my auth mechanism first in the sendChallenge loop (pretty sure that
one is already there).
On 12/16/2013 11:01 AM, Darran Lofthouse wrote:
> This may come under the same area as the single challenge I just replied
> to Bill about.
>
> For mechanisms that may behave in this way can we detect that they would
> want exclusivity from within the authenticate method?
>
> On 16/12/13 15:44, Anil Saldhana wrote:
>> Hi,
>> I am wondering if a flag can be set in ChallengeResult such that
>> undertow does not try to set the response code on the httpserverexchange
>> before sending the challenge?
>>
>> The reason is that an authentication mechanism may have already utilized
>> the httpservletresponse object to set a response code such as:
>>
>> ===========
>> response.setStatus(HttpServletResponse.SC_MOVED_TEMPORARILY);
>> response.sendRedirect(destination);
>> ==============
>>
>> Now since undertow tries to set a response code on the
>> httpServerExchange, there is an error.
>>
>> Regards,
>> Anil
>> _______________________________________________
>> undertow-dev mailing list
>> undertow-dev at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/undertow-dev
>>
> _______________________________________________
> undertow-dev mailing list
> undertow-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/undertow-dev
>
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
More information about the undertow-dev
mailing list