response status of invalid ticket #80
Comments
|
Since phpCAS is mostly integrated behind the scenes in other application frameworks it does not make sense to modify the server status code per default. This should be left to the integrator since we cannot simply throw a 403 in a users face is something in the library reports an error. If you have some clever suggestion on how to adress it that everyone is happy I'm all ears. We should probably allow for some error handler hook so that an integrator can chose/extend the error handling themselves. This however would be a major change. |
|
Currently the error message of invalid ticket is returned in html body directly by phpCAS. It is not absolutely behind the scene. Error handler hook is the best solution. If not available, I think it is acceptable to return some sensible default message. |
For a request with an invalid ticket, PHP CAS prints an error message, but the response status is still 200. In this case, 403 is more appropriate.
The text was updated successfully, but these errors were encountered: