Re: Getting 403 Forbidden rather than 401 Unauthorized when using HTTP Basic auth

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Getting 403 Forbidden rather than 401 Unauthorized when using HTTP Basic auth

Thierry Boileau
Hello Ian,

the tutorial of the 1.0 release has been updated.

best regards,
Thierry Boileau

> Hi Ian,
>
> you're right the behaviour of Guard between 1.0.x and 1.1.x are
> different. When the credentials are not correct, Restlet 1.1 updates
> the response in order to make the client understand that it can repeat
> the request with different credentials.
> In Restlet 1.0, the Guard simply answers that it is forbidden.
> I don't think the behaviour of Restlet 1.0  will be updated, so the
> the sample code will be updated in order to reflect the current behaviour.
>
>
> Best regards,
> Thierry Boileau
> --
> Restlet ~ Core developer ~ http://www.restlet.org 
> <http://www.restlet.org/>
> Noelios Technologies ~ Co-founder ~ http://www.noelios.com 
> <http://www.noelios.com/>
>
>
>> Hi Ian,
>>
>> in Restlet 1.1 this behaviour was changed. Perhaps Jerome or Thierry
>> also included the change in 1.0.x. Check, if there is a setter
>> Guard.setRechallengeEnabled(boolean)? Otherwise change to Restlet 1.1.
>>
>> best regards
>>   Stephan
>>
>>> I followed the code in this tutorial:
>>>
>>>   http://www.restlet.org/documentation/1.0/tutorial#part09
>>>
>>> But when the authentication fails, I'm getting a 403 error, rather
>>> than a 401 error as the code suggests.  This is with Restlet v1.0.11 -
>>> any ideas?
>>>
>>> Regards,
>>>
>>> Ian.
>>>  
Loading...