[jboss-jira] [JBoss JIRA] (WFLY-5416) Unhandled exceptions from custom JASPI modules should cause the HTTP status code to be set as an error (500, 400, etc)
RH Bugzilla Integration (JIRA)
issues at jboss.org
Tue Jan 17 08:52:01 EST 2017
[ https://issues.jboss.org/browse/WFLY-5416?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13349672#comment-13349672 ]
RH Bugzilla Integration commented on WFLY-5416:
-----------------------------------------------
Petr Penicka <ppenicka at redhat.com> changed the Status of [bug 1262482|https://bugzilla.redhat.com/show_bug.cgi?id=1262482] from VERIFIED to CLOSED
> Unhandled exceptions from custom JASPI modules should cause the HTTP status code to be set as an error (500, 400, etc)
> ----------------------------------------------------------------------------------------------------------------------
>
> Key: WFLY-5416
> URL: https://issues.jboss.org/browse/WFLY-5416
> Project: WildFly
> Issue Type: Bug
> Components: Web (Undertow)
> Reporter: Derek Horton
> Assignee: Stuart Douglas
> Fix For: 10.0.0.CR4
>
>
> If a custom JASPI auth module throws an exception, Wildfly/Undertow (the JASPI authenticator) ignores it and returns a 200. The web page that was requested does not get displayed. A blank page and a HTTP 200 are returned.
> Should a 40x or a 500 be returned instead? Or is it the responsibility of the custom JASPI auth module to set the status correctly?
> It seems like the container would need to be careful and not overwrite a status code that the JASPI module had explicitly set.
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
More information about the jboss-jira
mailing list