[SLING-1669] Redirect resource is overwritten if login fails - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: Auth Core 1.0.0
Fix Version/s: Auth Core 1.0.0
Component/s: Authentication
Labels:
None

Description

If the request has a resource parameter to signal the target location for the authentication and authentication files, that desired target location is overwritten with the current request URL.

The reason for this is that the SlingAuthenticator.handleSecurity method sets the redirect attribute in the request when handling login failure without checking whether the attribute (or parameter is set).

Attachments

Activity

People

Assignee:: Felix Meschberger

Reporter:: Felix Meschberger

Votes:: 0 Vote for this issue

Watchers:: 0 Start watching this issue

Dates

Created:: 19/Aug/10 11:03

Updated:: 27/Aug/10 08:50

Resolved:: 19/Aug/10 11:07