Details
-
Bug
-
Resolution: Fixed
-
High
-
2.3-RC1
-
None
Description
I could have missed something but I don't see a way I can differentiate in REST API between a login failure caused by bad password or CAPTCHA kicking in.
Crucible /rest-service/auth-v1/login always returns HTTP/403, every time a response body is:
<?xml version="1.0" encoding="UTF-8" standalone="yes"?><loginResult><error>authentication failed</error></loginResult>
That's bad from Atlassian Connector for Eclipse perspective - we can't tell the user to use Web UI and CAPTCHA to unlock REST API.
Please either change response body to something more meaningful or let's use some HTTP code for this.
We need to be able to tell the user REST API has been locked.
Attachments
Issue Links
- is related to
-
FE-2610 Rest login method is ambigous for CAPTCHA
- Closed