Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Distinguish between 401 & 403 return codes #3

Closed
dvanherbergen opened this issue Jan 28, 2021 · 0 comments · Fixed by #5
Closed

Distinguish between 401 & 403 return codes #3

dvanherbergen opened this issue Jan 28, 2021 · 0 comments · Fixed by #5
Assignees
@sephiroth-j
Labels
enhancement New feature or request
Milestone
v1.1.0

Comments

@dvanherbergen
Copy link

Currently the Ltpa2Filter.doFilterInternal() method always returns a 403 (user not authorized) error code if something goes wrong. This makes it difficult for clients to know if they should redirect the user to a login page or if the user doesn't have access the service in question.
It would be great if this method could return a 401 (user not authenticated) error code in case the ltpa token has expired or is invalid, since the user is not know at this point and should be considered not authenticated.

PS. This library is awesome. I've been testing it and it works great. Nice work! 👍
@sephiroth-j sephiroth-j self-assigned this Dec 2, 2021
@sephiroth-j sephiroth-j added the enhancement New feature or request label Dec 2, 2021
@sephiroth-j sephiroth-j added this to the v1.1.0 milestone May 2, 2022
sephiroth-j added a commit that referenced this issue Aug 20, 2022
@sephiroth-j
fixes #3
bc8ec12
sephiroth-j added a commit that referenced this issue Aug 20, 2022
@sephiroth-j
#3 Allow to change the default behaviour when an authentication failu…
d875be5 
…re occurs (Web Servlet only)

fixes #3
@sephiroth-j sephiroth-j linked a pull request Aug 20, 2022 that will close this issue
#3 distinguish between 401 403 return codes #5
Merged
@sephiroth-j sephiroth-j mentioned this issue Aug 20, 2022
Merged
sephiroth-j added a commit that referenced this issue Aug 20, 2022
@sephiroth-j
#3 Allow to change the default behaviour when an authentication failu…
b4191ab 
…re occurs (Web Servlet only)

fixes #3
sephiroth-j added a commit that referenced this issue Aug 20, 2022
@sephiroth-j
#3 Allow to change the default behaviour when an authentication failu…
cb6c83d 
…re occurs (Web Servlet only)

fixes #3
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@sephiroth-j sephiroth-j

Labels
enhancement New feature or request
Projects
None yet
Milestone
v1.1.0
Development

Successfully merging a pull request may close this issue.

#3 distinguish between 401 403 return codes sephiroth-j/spring-security-ltpa2-core
2 participants
@dvanherbergen @sephiroth-j