Permalink
Browse files

Item1029: Change 403 code for auth failure to 200.

git-svn-id: http://svn.foswiki.org/branches/Release01x00@7114 0b4bb1d4-4e5a-0410-9cc4-b2b747904278
  • Loading branch information...
GeorgeClark GeorgeClark
GeorgeClark authored and GeorgeClark committed Apr 7, 2010
1 parent b331728 commit bfe1b084bffbf877cd11436a76f2ef8cdd48feef
Showing with 4 additions and 1 deletion.
  1. +4 −1 core/lib/Foswiki/LoginManager/TemplateLogin.pm
@@ -182,7 +182,10 @@ sub login {
return;
}
else {
$session->{response}->status(403);
# Tasks:Item1029 After much discussion, the 403 code is not used for authentication failures.
# RFC states: "Authorization will not help and the request SHOULD NOT be repeated" which is not
# the situation here.
$session->{response}->status(200);
$session->logEvent( 'login', $web . '.' . $topic, "AUTHENTICATION FAILURE - $loginName - " );
$banner = $session->templates->expandTemplate('UNRECOGNISED_USER');
}

0 comments on commit bfe1b08

Please sign in to comment.