Uploaded image for project: 'Sling'
  1. Sling
  2. SLING-2390

Ensure sling.auth.redirect is respected when changing impersonation

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: Auth Core 1.0.6
    • Fix Version/s: Auth Core 1.1.0
    • Component/s: Authentication
    • Labels:
      None

      Description

      Currently the sling.auth.redirect request parameter is handled by AuthenticationFeedbackHandler services or the DefaultAuthenticationFeedbackHandler. The latter always respects the sling.auth.redirect while some authentication handlers may decide to only respect it when first authenticating.

      If impersonation changes (indicated by a sudo request parameter having a different value than the current sudo cookie value) the sling.auth.redirect parameter should also be respected regardless of whether the actual AuthenticationFeedbackHandler respects the parameter or not.

        Attachments

          Activity

            People

            • Assignee:
              fmeschbe Felix Meschberger
              Reporter:
              fmeschbe Felix Meschberger
            • Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: