You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@sling.apache.org by "Carsten Ziegeler (JIRA)" <ji...@apache.org> on 2010/12/20 15:56:25 UTC
[jira] Closed: (SLING-1857) Wrong encoding of the resource to
create the returnTo parameter
[ https://issues.apache.org/jira/browse/SLING-1857?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Carsten Ziegeler closed SLING-1857.
-----------------------------------
> Wrong encoding of the resource to create the returnTo parameter
> ---------------------------------------------------------------
>
> Key: SLING-1857
> URL: https://issues.apache.org/jira/browse/SLING-1857
> Project: Sling
> Issue Type: Bug
> Components: Authentication
> Affects Versions: OpenID Authentication 1.0.0
> Reporter: Felix Meschberger
> Assignee: Felix Meschberger
> Fix For: OpenID Authentication 1.0.2
>
>
> When setting the returnTo request parameter for the OpenID request to the server, the request context path (or / if empty) is prefixed to the URL encoded resource path. This resulting path is the URL encoded again with the following problematic consequences:
> * The returnTo path contains a double-slash, e.g. http://host//path/to/url
> * The actual resource path ion the returnTo parameter is encoded twice
> Particularly the first problem is an issue because it prevents the correct authentication handler to be selected on return from the OpenID provider thus causing the authentication to fail. This is a real problem if the OpenID authentication handler is not registered to the root but somewhere below.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.