On Tuesday, October 2, 2012 at 8:08 AM, Matthias Wessendorf wrote:
Hi,I think they return 403 since they (like us) lack the WWW-Authenticate header.Which is required on 401:-MOn Tue, Oct 2, 2012 at 12:56 PM, Matthias Wessendorf <matzew@apache.org> wrote:Hi,I noticed that with Amazon's S3 (for instance) they return 403 whenyou are not authorized. Not really sure, but forbidden (403) isperhaps fine when accessing a protected REST endpoint (versus 401) ?Thoughts?-Matthias--Matthias Wessendorfsessions: http://www.slideshare.net/mwessendorftwitter: http://twitter.com/mwessendorf--Matthias Wessendorfsessions: http://www.slideshare.net/mwessendorftwitter: http://twitter.com/mwessendorf_______________________________________________aerogear-dev mailing list