You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@sling.apache.org by ro...@apache.org on 2017/11/07 09:18:05 UTC
[sling-org-apache-sling-auth-form] 21/32: SLING-1588 Fixed,
cookie needs to be removed when found to be invalid.
This is an automated email from the ASF dual-hosted git repository.
rombert pushed a commit to annotated tag org.apache.sling.auth.form-1.0.0
in repository https://gitbox.apache.org/repos/asf/sling-org-apache-sling-auth-form.git
commit 99b10530e36e5c5c2dc52fd5cd6b468c4edfc06e
Author: Ian Boston <ie...@apache.org>
AuthorDate: Wed Jul 28 15:32:37 2010 +0000
SLING-1588 Fixed, cookie needs to be removed when found to be invalid.
git-svn-id: https://svn.apache.org/repos/asf/sling/trunk/bundles/extensions/formauth@980097 13f79535-47bb-0310-9956-ffa450edef68
---
.../java/org/apache/sling/formauth/impl/FormAuthenticationHandler.java | 3 +++
1 file changed, 3 insertions(+)
diff --git a/src/main/java/org/apache/sling/formauth/impl/FormAuthenticationHandler.java b/src/main/java/org/apache/sling/formauth/impl/FormAuthenticationHandler.java
index f92768d..638c04b 100644
--- a/src/main/java/org/apache/sling/formauth/impl/FormAuthenticationHandler.java
+++ b/src/main/java/org/apache/sling/formauth/impl/FormAuthenticationHandler.java
@@ -308,6 +308,9 @@ public class FormAuthenticationHandler extends AbstractAuthenticationHandler {
// signal the requestCredentials method a previous login failure
request.setAttribute(PAR_J_REASON, FormReason.TIMEOUT);
info = AuthenticationInfo.FAIL_AUTH;
+ // clear the cookie, its invalid and we should get rid of it so that the invalid cookie
+ // isn't present on the authN operation.
+ authStorage.clear(request, response);
}
}
}
--
To stop receiving notification emails like this one, please contact
"commits@sling.apache.org" <co...@sling.apache.org>.