Uploaded image for project: 'Tapestry 5'
  1. Tapestry 5
  2. TAP5-1080

Page activation context lost when redirecting from HTTP to HTTPS due to the @Secure annotation

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Fixed
    • 5.2, 5.1.0.5
    • 5.2.0
    • tapestry-core

    Description

      When using @Secure on a page, if we get the page in http, we are redirected to the https page. But the context path is lost.

      Example :

      bouil@maggie:~/Documents/workspace/tapestry-secure-test$ curl -k -v http://localhost:8080/World

      • About to connect() to localhost port 8080 (#0)
      • Trying ::1... connected
      • Connected to localhost (::1) port 8080 (#0)
        > GET /World HTTP/1.1
        > User-Agent: curl/7.19.5 (i486-pc-linux-gnu) libcurl/7.19.5 OpenSSL/0.9.8g zlib/1.2.3.3 libidn/1.15
        > Host: localhost:8080
        > Accept: /
        >
        < HTTP/1.1 302 Found
        < Location: https://localhost:8443/
        < Content-Length: 0
        < Server: Jetty(6.1.10)
        <
      • Connection #0 to host localhost left intact
      • Closing connection #0
        bouil@maggie:~/Documents/workspace/tapestry-secure-test$

      The Index.java page contains :

      package org.bouil.tapestry.pages;

      import org.apache.tapestry5.annotations.Property;
      import org.apache.tapestry5.annotations.Secure;

      @Secure
      public class Index {

      @Property
      private String context;

      public void onActivate(String context)

      { this.context = context; }

      public String onPassivate()

      { return context; }

      }

      Attachments

        1. tapestry-secure-test.tar.bz2
          4 kB
          Nicolas Bouillon
        2. secure_redirect_context.patch
          7 kB
          Nicolas Bouillon

        Activity

          People

            ulrich.staerk Ulrich Stärk
            bouil Nicolas Bouillon
            Votes:
            1 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: