Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Request.authenticate(Response) should return true if already authenticated #4762

Closed
janbartel opened this issue Apr 8, 2020 · 0 comments · Fixed by #4763
Closed

Request.authenticate(Response) should return true if already authenticated #4762

janbartel opened this issue Apr 8, 2020 · 0 comments · Fixed by #4763
Assignees
@janbartel
Labels
TCK For various Specification Test Compatibility Kits (eg: Servlet, WebSocket, HTTP/2, etc)

Comments

@janbartel
Copy link
Contributor

Jetty 10

https://github.com/eclipse-ee4j/jakartaee-tck/blob/master/src/com/sun/ts/tests/common/jspservletsec/secformClient.java#L1731

This test performs a programmatic login (Request.login()), then a programmatic authentication (Request.authenticate()).

According to the javadoc, Request.authenticate() should return:

  • true if all of the following are not null: request.getUserPrincipal(), request.getRemoteUser(), request.getAuthType()
  • false if the authentication mechanism has sent a challenge (ie an authentication requiring multiple round-trips to the client is in progress)
  • throw a ServletException if the authentication mechanism failed the authentication but hasn't already called sendError 401

Our Request.authenticate() method currently does a sendError 401 if the user has already been authenticated.
@janbartel janbartel added the TCK For various Specification Test Compatibility Kits (eg: Servlet, WebSocket, HTTP/2, etc) label Apr 8, 2020
@janbartel janbartel self-assigned this Apr 8, 2020
janbartel added a commit that referenced this issue Apr 8, 2020
@janbartel
Issue #4762 Request.authenticate must return true if already authenti…
8582273 
…cated

Signed-off-by: Jan Bartel <janb@webtide.com>
@janbartel janbartel mentioned this issue Apr 8, 2020
Merged
janbartel added a commit that referenced this issue Apr 14, 2020
@janbartel
Issue #4762 Request.authenticate must return true if already authenti…
474fa8b 
…cated (#4763)

Signed-off-by: Jan Bartel <janb@webtide.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@janbartel janbartel

Labels
TCK For various Specification Test Compatibility Kits (eg: Servlet, WebSocket, HTTP/2, etc)
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Issue #4762 Request.authenticate must return true if already authenticated jetty/jetty.project
1 participant
@janbartel