[COUCHDB-3084] "authenticated" property is set even when no authentication occurs - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: None
Component/s: None
Labels:
None

Description

The "authenticated" property from /_session should only appear when authentication has occurred.

In 2.0 we extracted the 'admin party' handling into its own handler and this introduced the side-effect that all GET's to /_session are handled by an authentication handler.

chttpd:maybe_set_handler makes the assumption that if a handler sets #httpd.user_ctx to a #user_ctx record that authentication has taken place. This is not always true.

Attachments

Issue Links

links to

GitHub Pull Request #134

GitHub Pull Request #189

Activity

People

Assignee:: Unassigned

Reporter:: Robert Newson

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 27/Jul/16 10:37

Updated:: 04/Aug/16 09:58

Resolved:: 30/Jul/16 18:57