Item1865: username= and password= no longer work for REST handlers

Priority: Urgent
Current State: Closed
Released In: 1.1.0
Target Release: minor
Applies To: Engine
Component:
Branches:
Reported By: CrawfordCurrie
Waiting For:
Last Change By: KennethLavrsen
The headlined problem was the first in a whole sequence affecting 1.0.x and 1.1 frown

Context: I have an application that runs either from the command line, or from a Foswiki page. This is a Foswiki application, which performs REST calls to a second server. The application knows a username and password on the second server, so can pass username= and password= over for the first REST call. Subsequent calls rely on there being a session established by the first call.

First problem is that username= and password= no longer authenticate you to a REST handler. The reason is that the request is rejected by the REST code ever gets called, in the depths of the Users code.

Second problem is that the rest handlers don't respond with a standard page, and while the status code is set correctly, the cookies are not. So subsequent requests don;t have the session cookie, and are 302ed.

Third problem is that there's no way to validate, so I have no choice but to turn off strikeone on the remote server.

-- CrawfordCurrie - 30 Jul 2009

All the above problems have been resolved.

-- CrawfordCurrie - 05 Aug 2009

ItemTemplate edit

Summary username= and password= no longer work for REST handlers
ReportedBy CrawfordCurrie
Codebase
SVN Range SVN 4581: Foswiki-1.1.0-dev, Mon, 27 Jul 2009, build 4555
AppliesTo Engine
Component
Priority Urgent
CurrentState Closed
WaitingFor
Checkins distro:a4c2122362d9 distro:e7aa52d5a5c8
TargetRelease minor
ReleasedIn 1.1.0
Topic revision: r6 - 04 Oct 2010, KennethLavrsen
 
The copyright of the content on this website is held by the contributing authors, except where stated elsewhere. see CopyrightStatement. Creative Commons License