DescriptionRight now, it is impossible for a custom org.apache.shindig.auth.SecurityTokenDecoder to pass a redirect URL to org.apache.shindig.auth.AuthenticationServletFilter#doFilter, for it to issue a redirect instead of returning a 401 ("SC_UNAUTHORIZED") response.
The fix is to add a "redirect" field and corresponding accessor method to org.apache.shindig.auth.SecurityTokenException.
AuthenticationHandler.InvalidAuthenticationException already has a slot for this.
Patch Set 1 #
MessagesTotal messages: 2
|