You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@sling.apache.org by en...@apache.org on 2012/01/13 19:55:13 UTC
svn commit: r1231244 - in /sling/trunk:
bundles/auth/core/src/main/java/org/apache/sling/auth/core/AuthUtil.java
launchpad/integration-tests/src/main/java/org/apache/sling/launchpad/webapp/integrationtest/login/RedirectOnLoginErrorTest.java
Author: enorman
Date: Fri Jan 13 18:55:13 2012
New Revision: 1231244
URL: http://svn.apache.org/viewvc?rev=1231244&view=rev
Log:
SLING-2165 fixed regression loading the login page of the launchpad
Modified:
sling/trunk/bundles/auth/core/src/main/java/org/apache/sling/auth/core/AuthUtil.java
sling/trunk/launchpad/integration-tests/src/main/java/org/apache/sling/launchpad/webapp/integrationtest/login/RedirectOnLoginErrorTest.java
Modified: sling/trunk/bundles/auth/core/src/main/java/org/apache/sling/auth/core/AuthUtil.java
URL: http://svn.apache.org/viewvc/sling/trunk/bundles/auth/core/src/main/java/org/apache/sling/auth/core/AuthUtil.java?rev=1231244&r1=1231243&r2=1231244&view=diff
==============================================================================
--- sling/trunk/bundles/auth/core/src/main/java/org/apache/sling/auth/core/AuthUtil.java (original)
+++ sling/trunk/bundles/auth/core/src/main/java/org/apache/sling/auth/core/AuthUtil.java Fri Jan 13 18:55:13 2012
@@ -403,19 +403,21 @@ public final class AuthUtil {
*/
public static boolean checkReferer(HttpServletRequest request, String loginForm) {
//SLING-2165: if a Referer header is supplied check if it matches the login path for this handler
- String referer = request.getHeader("Referer");
- if (referer != null) {
- String expectedPath = String.format("%s%s", request.getContextPath(), loginForm);
- try {
- URL uri = new URL(referer);
- if (!expectedPath.equals(uri.getPath())) {
- //not for this selector, so let the next one handle it.
- return false;
+ if ("POST".equals(request.getMethod())) {
+ String referer = request.getHeader("Referer");
+ if (referer != null) {
+ String expectedPath = String.format("%s%s", request.getContextPath(), loginForm);
+ try {
+ URL uri = new URL(referer);
+ if (!expectedPath.equals(uri.getPath())) {
+ //not for this selector, so let the next one handle it.
+ return false;
+ }
+ } catch (MalformedURLException e) {
+ getLog().debug("Failed to parse the referer value for the login form " + loginForm, e);
}
- } catch (MalformedURLException e) {
- getLog().debug("Failed to parse the referer value for the login form " + loginForm, e);
}
- }
+ }
return true;
}
Modified: sling/trunk/launchpad/integration-tests/src/main/java/org/apache/sling/launchpad/webapp/integrationtest/login/RedirectOnLoginErrorTest.java
URL: http://svn.apache.org/viewvc/sling/trunk/launchpad/integration-tests/src/main/java/org/apache/sling/launchpad/webapp/integrationtest/login/RedirectOnLoginErrorTest.java?rev=1231244&r1=1231243&r2=1231244&view=diff
==============================================================================
--- sling/trunk/launchpad/integration-tests/src/main/java/org/apache/sling/launchpad/webapp/integrationtest/login/RedirectOnLoginErrorTest.java (original)
+++ sling/trunk/launchpad/integration-tests/src/main/java/org/apache/sling/launchpad/webapp/integrationtest/login/RedirectOnLoginErrorTest.java Fri Jan 13 18:55:13 2012
@@ -144,4 +144,15 @@ public class RedirectOnLoginErrorTest ex
}
assertEquals("Expected to remain on the form/login page", loginPageUrl, location);
}
+
+ /**
+ * Test SLING-2165. Verify that a GET request to the default login page does not
+ * result in an error condition.
+ *
+ * @throws Exception
+ */
+ public void testGetDefaultLoginPage() throws Exception {
+ final String loginPageUrl = String.format("%s/system/sling/login", HTTP_BASE_URL);
+ assertHttpStatus(loginPageUrl, HttpServletResponse.SC_OK);
+ }
}