Uploaded image for project: 'XWiki Platform'
  1. XWiki Platform
  2. XWIKI-18532

The authentication process of the REST module is quite a mess

    XMLWordPrintable

Details

    • Bug
    • Resolution: Fixed
    • Major
    • 13.4-rc-1
    • 3.2 M1
    • REST
    • None
    • Unknown
    • N/A

    Description

      • there is a first authentication done by org.xwiki.wysiwyg.filter.XWikiContextInitializationFilter
      • then org.xwiki.rest.internal.XWikiAuthentication reset the context user and redo the authentication
      • then if we are not authenticated org.xwiki.rest.internal.XWikiSecretVerifier

      Among other things it means it's not great for performances but worst if you use the wrong credential you end up blocking yourself (3 bad credentials).

      Attachments

        Activity

          People

            tmortagne Thomas Mortagne
            tmortagne Thomas Mortagne
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: