Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Confusing doco for authorizationFailed in README #176

Open
andrewswan opened this issue Jun 15, 2016 · 0 comments
Open

Confusing doco for authorizationFailed in README #176

andrewswan opened this issue Jun 15, 2016 · 0 comments

Comments

@andrewswan
Copy link

The README file contains this sample code block:

 /**
   * If authorization failed (usually incorrect password) redirect the user as follows:
   */
  override def authorizationFailed(request: RequestHeader, user: User, authority: Option[Authority])(implicit context: ExecutionContext): Future[Result] = {
    Future.successful(Forbidden("no permission"))
  }

Doesn't an authorization failure mean that the user authenticated correctly, but simply lacks the required Authority? That's what the method body implies with its Forbidden response, but it's not what the ScalaDoc comment says when it talks about an "incorrect password". This seems very confusing for people trying to adopt this framework.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant