tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Nicholas Sushkin <nsush...@openfinance.com>
Subject Re: Should Form Authentication Valve restore request body on a PUT?
Date Fri, 07 Oct 2011 17:45:47 GMT
Charles,

Thanks for the suggestion.

I set request method to "GET" on all unauthenticated requests that forward to 
the login page. That tested well for all RESTful methods, POST, PUT, GET, and 
DELETE.

Submitted a patch.
https://issues.apache.org/bugzilla/show_bug.cgi?id=51940#c2

On Friday, October 07, 2011 10:13:00 Christopher Schultz wrote:
> Since you're just hacking, try setting the request method to "GET"
> when you detect a PUT request that requires authentication.
-- 
Nicholas Sushkin, Senior Software Engineer, Manager of IT Operations
Open Finance - Secure, Accurate, Industrial Strength Aggregation
<http://www.openfinance.com>
Mime
View raw message