These are chat archives for alvarosanchez/spring-security-rest
A token-based, RESTful authentication library for Spring Security
Version 1.4.1.RC2, due to implementation of 'Major overhaul to be less aggressive when handling bearer tokens', RestTokenValidationFilterSpec.groovy now returns 403 instead of 401 for requests where 'X-Auth-Token' header is missing or empty.
This is a breaking change for my single page application where I key off the 401 to show the login page.
@alvarosanchez - Was this change intentional as I didn't see any notes about it in the documentation.
As a developer having the 401 was immensely valuable to me.