Details
-
Bug
-
Resolution: Unresolved
-
Medium
-
None
-
Engineering tracked issues, 5.1, 5.2
-
None
Description
If a request to the REST API contains an expired or a wrong session id, the request is handled as if the user were anonymous. As a result, the REST client has no mean to detect that the session is using has expired.
To me the correct behaviour would be to send a 4xx error.
Attachments
Issue Links
- relates to
-
EZP-26179 UI Stability issues due to session loss
- Closed