Uploaded image for project: 'Sling'
  1. Sling
  2. SLING-1307

Internal Server Error if anonymous login is disabled but no authentication handler may be used

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Fixed
    • None
    • Auth Core 1.0.0
    • Authentication
    • None

    Description

      If anonymous access is disabled by configuration, but no authentication handler can be selected to authenticate the request, an Internal Server error is sent back to the client and a stack trace is logged :

      20.01.2010 16:54:38 *MARK * servletengine: Servlet threw exception:
      org.apache.sling.commons.auth.NoAuthenticationHandlerException
      at org.apache.sling.commons.auth.impl.SlingAuthenticator.login(SlingAuthenticator.java:372)
      at org.apache.sling.commons.auth.impl.SlingAuthenticator.getAnonymousSession(SlingAuthenticator.java:560)
      at org.apache.sling.commons.auth.impl.SlingAuthenticator.handleSecurity(SlingAuthenticator.java:296)
      at org.apache.sling.engine.impl.SlingMainServlet.handleSecurity(SlingMainServlet.java:817)
      at org.apache.felix.http.base.internal.context.ServletContextImpl.handleSecurity(ServletContextImpl.java:224)
      at org.apache.felix.http.base.internal.handler.ServletHandler.doHandle(ServletHandler.java:86)
      at org.apache.felix.http.base.internal.handler.ServletHandler.handle(ServletHandler.java:77)

      The login method is defined to throw a NoAuthenticationHandlerException if no authentication handler can be found to handle the request. This exception must be caught by the getAnonymousSession method and converted into a sensible error such as 403/FORBIDDEN.

      Attachments

        Activity

          People

            fmeschbe Felix Meschberger
            fmeschbe Felix Meschberger
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: