You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@sling.apache.org by fm...@apache.org on 2010/11/01 20:26:39 UTC
svn commit: r1029799 -
/sling/trunk/bundles/auth/core/src/main/java/org/apache/sling/auth/core/spi/AbstractAuthenticationFormServlet.java
Author: fmeschbe
Date: Mon Nov 1 19:26:39 2010
New Revision: 1029799
URL: http://svn.apache.org/viewvc?rev=1029799&view=rev
Log:
SLING-1855 Correctly set the form action path deduced not only from
the request context path but also the actual resource the user wants
to access to make sure the form response hits the correct authentication
handler
Modified:
sling/trunk/bundles/auth/core/src/main/java/org/apache/sling/auth/core/spi/AbstractAuthenticationFormServlet.java
Modified: sling/trunk/bundles/auth/core/src/main/java/org/apache/sling/auth/core/spi/AbstractAuthenticationFormServlet.java
URL: http://svn.apache.org/viewvc/sling/trunk/bundles/auth/core/src/main/java/org/apache/sling/auth/core/spi/AbstractAuthenticationFormServlet.java?rev=1029799&r1=1029798&r2=1029799&view=diff
==============================================================================
--- sling/trunk/bundles/auth/core/src/main/java/org/apache/sling/auth/core/spi/AbstractAuthenticationFormServlet.java (original)
+++ sling/trunk/bundles/auth/core/src/main/java/org/apache/sling/auth/core/spi/AbstractAuthenticationFormServlet.java Mon Nov 1 19:26:39 2010
@@ -130,7 +130,7 @@ public abstract class AbstractAuthentica
form = form.replace("${resource}", getResource(request));
form = form.replace("${j_reason}", getReason(request));
- form = form.replace("${requestContextPath}", request.getContextPath());
+ form = form.replace("${requestContextPath}", getContextPath(request));
return form;
}
@@ -160,6 +160,35 @@ public abstract class AbstractAuthentica
protected abstract String getReason(final HttpServletRequest request);
/**
+ * Returns the context path for the authentication form request. This path
+ * includes the following parts:
+ * <ol>
+ * <li>The Servlet context path (
+ * <code>HttpServletRequest.getContextPath()</code></li>
+ * <li>The path to the authenticated resource as returned by
+ * {@link #getResource(HttpServletRequest)} (without the optional query
+ * string which may be contained in the resource path)</li>
+ * </ol>
+ *
+ * @param request The request
+ * @return The context path for the form action consisting of the request
+ * context path and the resource to which the user is to
+ * authenticate.
+ */
+ protected String getContextPath(final HttpServletRequest request) {
+ StringBuilder b = new StringBuilder();
+ b.append(request.getContextPath());
+ String resource = getResource(request);
+ int query = resource.indexOf('?');
+ if (query > 0) {
+ b.append(resource.substring(0, query));
+ } else {
+ b.append(resource);
+ }
+ return b.toString();
+ }
+
+ /**
* Load the raw unmodified form from the bundle (through the class loader).
*
* @return The raw form as a string