[jboss-jira] [JBoss JIRA] (WFLY-2639) HttpServletRequest.getAuthType returns incorrect value
Stuart Douglas (JIRA)
issues at jboss.org
Mon Apr 14 16:58:33 EDT 2014
[ https://issues.jboss.org/browse/WFLY-2639?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12961764#comment-12961764 ]
Stuart Douglas commented on WFLY-2639:
--------------------------------------
I think the current behaviour is ok, and it would be misleading to claim that 'BASIC' or 'FORM' was in use when it is not.
> HttpServletRequest.getAuthType returns incorrect value
> ------------------------------------------------------
>
> Key: WFLY-2639
> URL: https://issues.jboss.org/browse/WFLY-2639
> Project: WildFly
> Issue Type: Bug
> Security Level: Public(Everyone can see)
> Components: Web (Undertow)
> Reporter: Arun Gupta
> Assignee: Darran Lofthouse
> Priority: Minor
> Labels: web_security
>
> HttpServletRequest.getAuthType returns "Programatic" if login/logout methods are used.
> Javadoc says:
> one of the static members BASIC_AUTH, FORM_AUTH, CLIENT_CERT_AUTH, DIGEST_AUTH (suitable for == comparison) or the container-specific string indicating the authentication scheme, or null if the request was not authenticated.
> "Programatic" is not one of the expected values.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jboss-jira
mailing list