You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@sling.apache.org by "Dan Klco (Jira)" <ji...@apache.org> on 2021/07/08 01:11:00 UTC
[jira] [Assigned] (SLING-10588) Almost all pages are 401
unauthorized
[ https://issues.apache.org/jira/browse/SLING-10588?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Dan Klco reassigned SLING-10588:
--------------------------------
Assignee: Dan Klco
> Almost all pages are 401 unauthorized
> -------------------------------------
>
> Key: SLING-10588
> URL: https://issues.apache.org/jira/browse/SLING-10588
> Project: Sling
> Issue Type: Bug
> Components: App CMS
> Affects Versions: App CMS 1.0.2
> Reporter: James Raynor
> Assignee: Dan Klco
> Priority: Major
>
> Hi I am a SlingCMS developer and user.
> After testing, I found that it is a problem with Apache Sling CMS Security Filter, the default "Host Domains" parameter is wrong, the config cannot be saved, and it is lost after restart.
> Steps to reproduce:
> 1. Start SlingCMS, using an anonymous user to access the page [http://localhost:8080/test/xxx], it shows 401 unauthorized
> 2. Goto [http://localhost:8080/system/console/configMgr]
> find "Apache Sling CMS Security Filter"
> The "Host Domains" is blank, but after testing, there should be a "localhost" string, clear the "Host Domains" and click save.
> 3. Using an anonymous user to access the page [http://localhost:8080/test/xxx] shows 404 Not Found
> It's OK now. However, after restarting SlingCMS, the problem is still the same, so you need to clear the Host Domains again and save it.
> Apache Sling CMS Security Filter -> Allowed Patterns, add one, for example ^/test/. *$, save, and after restarting, the Apache Sling CMS Security Filter configuration is lost.
> This problem causes most pages to be inaccessible, and the Servlets I developed is also inaccessible, so please fix it promptly Thanks.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)