Details
-
Bug
-
Status: Closed
-
Major
-
Resolution: Fixed
-
Auth Core 1.0.0
-
None
Description
If the request has a resource parameter to signal the target location for the authentication and authentication files, that desired target location is overwritten with the current request URL.
The reason for this is that the SlingAuthenticator.handleSecurity method sets the redirect attribute in the request when handling login failure without checking whether the attribute (or parameter is set).