XuqmGroup-Server

XuqmGroup 3bc8a39d0f fix: return 401 (not 403) for unauthenticated requests across all services Spring Security's default Http403ForbiddenEntryPoint was returning 403 for all auth failures. Frontend clients treat 403 as a permission error (not an auth error), so silent loops occurred instead of proper re-login. Adding a custom AuthenticationEntryPoint that returns 401 makes clients handle auth failures correctly (show login page on 401). Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-05-18 13:31:24 +08:00
..
java/com/xuqm/license	fix: return 401 (not 403) for unauthenticated requests across all services	2026-05-18 13:31:24 +08:00
resources	Add license service and tenant integration	2026-05-15 21:00:24 +08:00

XuqmGroup 3bc8a39d0f fix: return 401 (not 403) for unauthenticated requests across all services

Spring Security's default Http403ForbiddenEntryPoint was returning 403
for all auth failures. Frontend clients treat 403 as a permission error
(not an auth error), so silent loops occurred instead of proper re-login.
Adding a custom AuthenticationEntryPoint that returns 401 makes clients
handle auth failures correctly (show login page on 401).

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

2026-05-18 13:31:24 +08:00

java/com/xuqm/license

fix: return 401 (not 403) for unauthenticated requests across all services

2026-05-18 13:31:24 +08:00

resources

Add license service and tenant integration

2026-05-15 21:00:24 +08:00