You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@sling.apache.org by "Robert Munteanu (JIRA)" <ji...@apache.org> on 2018/10/15 14:27:00 UTC
[jira] [Comment Edited] (SLING-7414) WebConsole security provider
1.1.0 or newer do not work with the Sling Starter
[ https://issues.apache.org/jira/browse/SLING-7414?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16650289#comment-16650289 ]
Robert Munteanu edited comment on SLING-7414 at 10/15/18 2:26 PM:
------------------------------------------------------------------
As far as I can tell, the problem is that the default login page uses an action URL of {{${requestContextPath}/j_security_check}} . When the url is {{/system/console}}, the form is POST-ed to {{/system/console/j_security_check}}. In that scenario, the username and password request parameters are not available to the {{SlingAuthenticator}}. A simple fix is to POST the request to a different URL, for instance {{${contextPath}/j_security_check.}}
was (Author: rombert):
As far as I can tell, the problem is that the default login page uses an action URL of {{${requestContextPath}/j_security_check}} . When the url is {{/system/console}}, the form is POST-ed to {{/system/console/j_security_check}}. In that scenario, the username and password request parameters are not available to the {{SlingAuthenticator}}. A simple fix is to POST the request to a different URL, for instance ${contextPath}/j_security_check.
> WebConsole security provider 1.1.0 or newer do not work with the Sling Starter
> ------------------------------------------------------------------------------
>
> Key: SLING-7414
> URL: https://issues.apache.org/jira/browse/SLING-7414
> Project: Sling
> Issue Type: Bug
> Components: Extensions
> Affects Versions: Form Based Authentication 1.0.10
> Reporter: Robert Munteanu
> Assignee: Robert Munteanu
> Priority: Critical
> Fix For: Form Based Authentication 1.0.12
>
>
> When upgrading the webconsole security provider in the Sling starter to 1.2.0, the following problems occur:
> * the SmokeIT fails since accessing {{/system/console/bundles.json}} redirects to an HTML login form
> * accessing the OSGi console at {{/system/console}} presents a login form at http://localhost:8080/system/sling/form/login?resource=%2Fsystem%2Fconsole, but then redirects to http://localhost:8080/system/console/j_security_check . Re-accessing {{/system/console}} brings up the login form again.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)