You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@cocoon.apache.org by "Philippe Gassmann (JIRA)" <ji...@apache.org> on 2006/02/21 10:42:34 UTC

[jira] Created: (COCOON-1783) Forbid the use of cocoon:// in tag in authentication handler configuration

Forbid the use of cocoon:// in <redirect-to> tag in authentication handler configuration
----------------------------------------------------------------------------------------

         Key: COCOON-1783
         URL: http://issues.apache.org/jira/browse/COCOON-1783
     Project: Cocoon
        Type: Improvement
  Components: Blocks: Authentication Framework  
    Versions: 2.1.8, 2.2-dev (Current SVN), 2.1.9-dev (current SVN)    
    Reporter: Philippe Gassmann


When cocoon:// is used in the <redirect-to> tag, the redirect uri then used is computed at the first request using the request.getContextPath() method. (HandlerConfiguration.java line 99)
If the first request comes from a PipelineCronJob, the contextPath is null, and until the server is restarted, the authentication framwork can't be used (it redirects to a wrong URI).

So, I think that using cocoon:// should be forbidden in that purpose, or it should be used as a real cocoon:// : without a external redirection.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
   http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
   http://www.atlassian.com/software/jira

[jira] Commented: (COCOON-1783) Forbid the use of cocoon:// in tag in authentication handler configuration

Posted by "vincent Demay (JIRA)" <ji...@apache.org>.

    [ http://issues.apache.org/jira/browse/COCOON-1783?page=comments#action_12372200 ] 

vincent Demay commented on COCOON-1783:
---------------------------------------

I've got the same problem with authenticate and portal. I have to restart my tomcat to make it work

> Forbid the use of cocoon:// in <redirect-to> tag in authentication handler configuration
> ----------------------------------------------------------------------------------------
>
>          Key: COCOON-1783
>          URL: http://issues.apache.org/jira/browse/COCOON-1783
>      Project: Cocoon
>         Type: Improvement
>   Components: Blocks: Authentication Framework
>     Versions: 2.1.8, 2.2-dev (Current SVN), 2.1.9-dev (current SVN)
>     Reporter: Philippe Gassmann

>
> When cocoon:// is used in the <redirect-to> tag, the redirect uri then used is computed at the first request using the request.getContextPath() method. (HandlerConfiguration.java line 99)
> If the first request comes from a PipelineCronJob, the contextPath is null, and until the server is restarted, the authentication framwork can't be used (it redirects to a wrong URI).
> So, I think that using cocoon:// should be forbidden in that purpose, or it should be used as a real cocoon:// : without a external redirection.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
   http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
   http://www.atlassian.com/software/jira