[undertow-dev] CachedAuthenticatedSessionMechanism should return NOT_ATTEMPTED?

Bill Burke bburke at redhat.com
Fri Feb 28 19:39:25 EST 2014


If IdentityManager.verify(Account) returns null, shouldn't 
CachedAuthenticatedSessionMechanism return NOT_ATTEMPTED instead of 
aborting and returning 403/NOT_AUTHENTICATED?  I was expecting that 
returning null would start the auth process again.




-- 
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com


More information about the undertow-dev mailing list