Story #2777
include session subject in NotAuthorized message
Status:
Rejected
Priority:
Low
Assignee:
Ben Leinfelder
Category:
Metacat
Target version:
Start date:
2012-05-17
Due date:
% Done:
0%
Story Points:
Sprint:
Description
Connections with certain types of bad certificates succeed, but get downgraded to 'public'. It would be helpful for the client to have the subject of the session received by D1Nodeservice.isAuthorized() in the error message returned, as a possible explanation for why the call didn't succeed.
Similarly, it might be helpful when trying to resolve escalated authorization issues if the session subject was logged, either as debug or info for all requests, or as a warning when NotAuthorized is triggered.
