[reSIProcate] What to do about missing auth tags?
bcampen
bcampen at estacado.net
Wed Sep 28 16:53:52 CDT 2005
When Auth.cxx can't find an auth tag, it throws an exception, which
the various authentication functions in Helper.cxx do not catch (in
fact, this exception will make it all the way back up to DumThread
before it is caught.) I want to fix this, although I want to hear back
about whether this should be caught in Helper, or higher up in
ServerAuthManager::handle(msg). I think sending a 400 if something goes
wrong in handle() is a bit presumptuous, so it looks like it would be
more correct to catch the problem in Helper, and return BadlyFormed.
Maybe we should also put a try block around handle() that will send a
500 response if some unknown thing goes wrong. Anyone have an opinion on
this?
Best regards,
Byron Campen
More information about the resiprocate-devel
mailing list