[ https://issues.jboss.org/browse/ELY-1192?page=com.atlassian.jira.plugin.s... ]
Ondrej Lukas updated ELY-1192:
------------------------------
Description:
If the security domain used by a deployed application uses
{{aggregate-principal-transformer}} which includes some {{principal-transformers}} and
none of them returns a non-null principal, then HTTP status 500 with 'ELY01003: No
authentication is in progress' is returned by the application. As a result,
authentication cannot be repeated (e.g. when the user makes a typo in the username). It
should rather throw HTTP status 401 to allow repeating the authentication process.

This situation can happen if {{aggregate-principal-transformer}} is used as a decision tree
(see [1] for details) and uses only transformers which can return a null principal (e.g.
only chained-principal-transformers).

This happens when {{aggregate-principal-transformer}} is used in
{{pre-realm-principal-transformer}} for the security domain. It does not happen when
{{aggregate-principal-transformer}} is used in {{principal-transformer}} for a realm in
the security domain.

[1] https://issues.jboss.org/browse/JBEAP-9628?focusedCommentId=13399462&...
was:
If the security domain used by a deployed application uses
{{aggregate-principal-transformer}} which includes some {{principal-transformers}} and
none of them returns a non-null principal, then HTTP status 500 with 'ELY01003: No
authentication is in progress' is returned by the application. As a result,
authentication cannot be repeated (e.g. when the user makes a typo in the username). It
should rather throw HTTP status 401 to allow repeating the authentication process.

This situation can happen if {{aggregate-principal-transformer}} is used as a decision tree
(see [1] for details) and uses only transformers which can return a null principal (e.g.
only chained-principal-transformers).

[1] https://issues.jboss.org/browse/JBEAP-9628?focusedCommentId=13399462&...
HTTP status 500 when no principal is returned by aggregate-principal-transformer
--------------------------------------------------------------------------------
Key: ELY-1192
URL: https://issues.jboss.org/browse/ELY-1192
Project: WildFly Elytron
Issue Type: Bug
Affects Versions: 1.1.0.Beta42
Reporter: Ondrej Lukas
Assignee: Darran Lofthouse
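A minimal model of the behaviour reported above, added here as an illustration; it is not WildFly Elytron code. The class, the `suffixBranch` helper, the `Outcome` enum and the example.org names are hypothetical; the aggregate is assumed to return the first non-null result, and a null result is mapped to a 401 challenge as the report requests.

```java
import java.security.Principal;
import java.util.List;
import java.util.function.Function;

// Added model, not Elytron source. All names in this file are hypothetical.
public class AggregateTransformerModel {

    record NamePrincipal(String name) implements Principal {
        public String getName() { return name; }
    }

    enum Outcome { CONTINUE_TO_REALM, CHALLENGE_401 }

    // Aggregate semantics: try each transformer in order, first non-null result wins.
    static Function<Principal, Principal> aggregate(List<Function<Principal, Principal>> parts) {
        return p -> {
            for (Function<Principal, Principal> t : parts) {
                Principal out = t.apply(p);
                if (out != null) return out;
            }
            return null; // no branch of the decision tree matched
        };
    }

    // One branch of the decision tree: accepts only names with the suffix, strips it.
    static Function<Principal, Principal> suffixBranch(String suffix) {
        return p -> {
            String n = p.getName();
            return n.endsWith(suffix)
                    ? new NamePrincipal(n.substring(0, n.length() - suffix.length()))
                    : null; // this branch does not apply to the name
        };
    }

    // Pre-realm step: a null principal is a failed attempt the client may retry,
    // so it maps to a 401 challenge instead of surfacing as an exception (500).
    static Outcome preRealm(Function<Principal, Principal> transformer, String typedName) {
        Principal mapped = transformer.apply(new NamePrincipal(typedName));
        return mapped == null ? Outcome.CHALLENGE_401 : Outcome.CONTINUE_TO_REALM;
    }

    public static void main(String[] args) {
        var tree = aggregate(List.of(suffixBranch("@example.org"), suffixBranch("@example.com")));
        System.out.println(preRealm(tree, "alice@example.org")); // first branch matches
        System.out.println(preRealm(tree, "alice@exmaple.org")); // typo: every branch returns null
    }
}
```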