[ https://issues.jboss.org/browse/ELY-1034?page=com.atlassian.jira.plugin.s... ] Darran Lofthouse updated ELY-1034: ---------------------------------- Description: Update the HTTP status code handling within HTTP authentication to cover the following scenarios: - # If authentication is required and no mechanisms are available report status 500. # If a mechanism fails by throwing an exception and no other mechanisms are able to challenge report status 500. # If a mechanism fails but other mechanisms can still challenge use the challenge from the available mechanisms. # If mechanisms were available but none authenticated and none able to challenge report status 403. was: Some mechanisms are unable to operate correctly due to internal errors / configuration issues. When this happens they should be able to provide a responder which sets the status code to 500. However if other mechanisms can respond they should and the 500 be dropped. -- This message was sent by Atlassian JIRA (v7.2.3#72005)