You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@activemq.apache.org by "Apache Dev (Jira)" <ji...@apache.org> on 2020/11/10 10:11:00 UTC

[jira] [Created] (ARTEMIS-2979) Web Console cannot be used with security enabled on OpenLiberty

Apache Dev created ARTEMIS-2979:
-----------------------------------

             Summary: Web Console cannot be used with security enabled on OpenLiberty
                 Key: ARTEMIS-2979
                 URL: https://issues.apache.org/jira/browse/ARTEMIS-2979
             Project: ActiveMQ Artemis
          Issue Type: Bug
          Components: Web Console
    Affects Versions: 2.16.0
            Reporter: Apache Dev


Accessing the web console when unauthenticated, redirects to Login page.
However, resources accessed by login page itself are also redirected to login page, resulting in an blank page.

Issue depends on Hawtio class: {{io.hawt.web.auth.LoginRedirectFilter}}

For example, when the resource {{http://localhost:8161/console/js/lib-a2ca3f5f1e.js}} is retrieved, the following statement:
{code}String path = httpRequest.getServletPath();{code}
returns an empty string.
Such empty string does not match the unsecured paths, and the resource is redirected.

A more portable way to get such path in filters is the following:
{code}String path = httpRequest.getRequestURI().substring(httpRequest.getContextPath().length());{code}



--
This message was sent by Atlassian Jira
(v8.3.4#803005)