You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@sling.apache.org by "Felix Meschberger (JIRA)" <ji...@apache.org> on 2010/02/09 14:39:27 UTC
[jira] Resolved: (SLING-1361) The Authenticator.login method is
specified to complete the response but it currently is not enforced
[ https://issues.apache.org/jira/browse/SLING-1361?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Felix Meschberger resolved SLING-1361.
--------------------------------------
Resolution: Fixed
In Rev. 908022 created a new redirectAfterLogout method, which is called by the logout method after the dropCredentials method of all authentication handlers has been called. This method does notthing if the response has already been committed.
Otherwise the "resource" request attribute and request parameter are checked whether they provide a redirect target. If so, the client is redirected there. If a redirect target is not provided, the client is redirected to the servlet context root.
> The Authenticator.login method is specified to complete the response but it currently is not enforced
> -----------------------------------------------------------------------------------------------------
>
> Key: SLING-1361
> URL: https://issues.apache.org/jira/browse/SLING-1361
> Project: Sling
> Issue Type: Improvement
> Components: Commons
> Reporter: Felix Meschberger
> Assignee: Felix Meschberger
> Fix For: Commons Auth 1.0.0
>
>
> The Authenticator.login method is specified to complete the response to the client. This currently depends on the login handlers to actually send a response back.
> If none of the handlers actually commits the response, for example the HTTP Basic handler just does nothing and the Form Based Authentication Handler just clears the cookie, the login method implementation should probably handle finishing the response by redirecting back to either the refere (if any) or to the servlet context root.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.