[SHIRO-528] Foward from a noSessionCreation to a path that allow should allow create session - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Open
Priority: Major
Resolution: Unresolved
Affects Version/s: 1.2.3
Fix Version/s: None
Component/s: Web
Labels:
- patch
Environment:
jsf, rest, shiro

Description

If I define a error-page that need session for example with jsf:
<error-page>
<error-code>404</error-code>
<location>/jsf/my-notfound.xhtml</location>
</error-page>

Define filters as:
[urls]
/jsf/login.xhtml = authc
/integrations-rest/** = anon, noSessionCreation
/jsf/my-notfound.xhtml = anon
/** = authc

If I try to GET a not found url from /integrations-rest/something it will redirect to /jsf/my-notfound.xhtml but it fails once it can't create a session.

It should clean the request attribute in the afterCompletion method. So after foward it will reaply the filters
request.removeAttribute(DefaultSubjectContext.SESSION_CREATION_ENABLED);

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

Clean_NoSession_Filter.patch
12/Mar/15 04:46
0.9 kB
Janario Oliveira

Activity

People

Assignee:: Unassigned

Reporter:: Janario Oliveira

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 12/Mar/15 04:45

Updated:: 24/Jun/16 00:03