and already attached a PR.
The whole idea is as soon as we on the authorization model, extract it
to AGSEC. I'll also start some unit testing to the endpoints.
Matthias Wessendorf wrote:
On Wed, Jun 19, 2013 at 6:15 PM, Bruno Oliveira <bruno(a)abstractj.org
<mailto:bruno@abstractj.org>> wrote:
I do it, if we're not using the interceptor we're just hiding a issue
and duplicating code.
I agree on that :)
- Issue: The endpoint should return 401 instead of bad request on
requests.
correct.
So, how about:
I give it another try tomorrow and will report back ?
-Matthias
Matthias Wessendorf wrote:
> I think I didn't use it, because it throws an RT exception (no
problem
> with that), which I could catch on the RestEasy layer.
> Instead of (for unauthorized invokes) returning 401 (to cURL, for
> instance), it was just "bad request".
>
> So, I went for the "check by code" solution first. Not saying
that I am
> AGAINST the interceptor.
>
> I think on the long run that would be better and cleaner.
--
abstractj
_______________________________________________
aerogear-dev mailing list
aerogear-dev(a)lists.jboss.org <mailto:aerogear-dev@lists.jboss.org>
https://lists.jboss.org/mailman/listinfo/aerogear-dev
--
Matthias Wessendorf
blog:
http://matthiaswessendorf.wordpress.com/
sessions:
http://www.slideshare.net/mwessendorf
twitter:
http://twitter.com/mwessendorf
_______________________________________________
aerogear-dev mailing list
aerogear-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/aerogear-dev