You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@sling.apache.org by "Ian Boston (JIRA)" <ji...@apache.org> on 2010/04/06 10:01:33 UTC

[jira] Commented: (SLING-1472) Form Auth seems unoperational

    [ https://issues.apache.org/jira/browse/SLING-1472?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12853792#action_12853792 ] 

Ian Boston commented on SLING-1472:
-----------------------------------

First off the Sakai form login code is different from Sling since is uses a shared HMAC service to generate tokens to track logins, so we fixed that code separately (in Sakai Nakamura). It was broken because it was bound to the old Authentication API. The code in the Sling httpauth extension bundle is (AFAICT) using the current AuthenticationHandler SPI. 

AFAIK Sling does not use j_security_check but I could be wrong.

The reason /system/sling/logout results in a popup is it responds with a 401.

Since curl http://localhost:8181/system/sling/form/login returns a 404, I would check that you have a AuthenticationFormServlet under the list of Components in the Sling Console.

> Form Auth seems unoperational
> -----------------------------
>
>                 Key: SLING-1472
>                 URL: https://issues.apache.org/jira/browse/SLING-1472
>             Project: Sling
>          Issue Type: Bug
>          Components: Extensions
>         Environment: sling trunk -r930334 on fuse 4.2
>            Reporter: Jason Rose
>
> Installing  bundle mvn:org.apache.sling/org.apache.sling.formauth/0.9-SNAPSHOT doesn't seem to actually provide any functionality.
> curl http://localhost:8181/system/sling/form/login returns a 404.
> The authentication handler itself doesn't seem to provide any login or logout support; if I post to /j_security_check with the correct credentials, the basic auth handler handles it.  I don't know if the form auth code is even running at all.  Calling /system/sling/logout pops up the basic challenge modal in my browser.
> It looks like there was a Sakai bug raised about this a while ago, and they fixed it.  I don't know if the code was backported, or what.
> http://jira.sakaiproject.org/browse/KERN-716

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.