We have moved to GitHub Issues
You are viewing the read-only archive of Umbraco's issue tracker. To create new issues, please head over to GitHub Issues.
Make sure to read the blog posts announcing the move for more information.
Created by Shannon Deminick 30 Aug 2013, 01:22:31 Updated by Shannon Deminick 18 Sep 2013, 23:58:06
Subtask of: U4-2891
Currently I think we just return 401 for everything but need to do a 'double' check and return a different code based on that.
For this to all work what we are doing is:
Now we need to figure out how to deal with access request for when a user is not allowed to do something even if they are logged in. We'll have to display some sort of message, or whatever. Do we handle that at a global level or an individual request level ? See: rev a244516b19f725c4b8420a7e1cba5dde5359877e umbraco.security.interceptor.securityInterceptor where we check for a 403 status
Put in notifications
Priority: Normal
Type: Bug
State: Fixed
Assignee: Shannon Deminick
Difficulty: Normal
Category: Security
Backwards Compatible: True
Fix Submitted:
Affected versions:
Due in version: 7.0.0
Sprint:
Story Points:
Cycle: