You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@sling.apache.org by "Felix Meschberger (JIRA)" <ji...@apache.org> on 2009/11/11 14:15:39 UTC
[jira] Created: (SLING-1182) Add support to set resource to which
login is requested
Add support to set resource to which login is requested
-------------------------------------------------------
Key: SLING-1182
URL: https://issues.apache.org/jira/browse/SLING-1182
Project: Sling
Issue Type: Improvement
Components: Engine
Affects Versions: Engine 2.0.6
Reporter: Felix Meschberger
Assignee: Felix Meschberger
Fix For: Engine 2.1.0
Currently the SlingAuthenticator uses the HttpServletRequest.getPathInfo() method to select an applicable authentication handler. In some situations, most notably if there is some login servlet or script (e.g. the Sling Engine LoginServlet registered at /system/sling/login), this is incorrect because the path info is the path of the login servlet and not the desired actual resource path.
To fix this, login servlets should be able to convey a path on behalf of which login should be effected.
Since the Engine LoginServlet already supports a "resource" request parameter to convey to authentication handlers where to go to after successful login we use a request attribute of the same name to indicate this situation.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Closed: (SLING-1182) Add support to set resource to which
login is requested
Posted by "Felix Meschberger (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SLING-1182?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Felix Meschberger closed SLING-1182.
------------------------------------
Close after release
> Add support to set resource to which login is requested
> -------------------------------------------------------
>
> Key: SLING-1182
> URL: https://issues.apache.org/jira/browse/SLING-1182
> Project: Sling
> Issue Type: Improvement
> Components: Engine
> Affects Versions: Engine 2.0.6
> Reporter: Felix Meschberger
> Assignee: Felix Meschberger
> Fix For: Engine 2.1.0
>
>
> Currently the SlingAuthenticator uses the HttpServletRequest.getPathInfo() method to select an applicable authentication handler. In some situations, most notably if there is some login servlet or script (e.g. the Sling Engine LoginServlet registered at /system/sling/login), this is incorrect because the path info is the path of the login servlet and not the desired actual resource path.
> To fix this, login servlets should be able to convey a path on behalf of which login should be effected.
> Since the Engine LoginServlet already supports a "resource" request parameter to convey to authentication handlers where to go to after successful login we use a request attribute of the same name to indicate this situation.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Resolved: (SLING-1182) Add support to set resource to which
login is requested
Posted by "Felix Meschberger (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SLING-1182?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Felix Meschberger resolved SLING-1182.
--------------------------------------
Resolution: Fixed
Applied to LogoutServlet and SlingAuthenticator.logout the same logic in Rev. 834878.
> Add support to set resource to which login is requested
> -------------------------------------------------------
>
> Key: SLING-1182
> URL: https://issues.apache.org/jira/browse/SLING-1182
> Project: Sling
> Issue Type: Improvement
> Components: Engine
> Affects Versions: Engine 2.0.6
> Reporter: Felix Meschberger
> Assignee: Felix Meschberger
> Fix For: Engine 2.1.0
>
>
> Currently the SlingAuthenticator uses the HttpServletRequest.getPathInfo() method to select an applicable authentication handler. In some situations, most notably if there is some login servlet or script (e.g. the Sling Engine LoginServlet registered at /system/sling/login), this is incorrect because the path info is the path of the login servlet and not the desired actual resource path.
> To fix this, login servlets should be able to convey a path on behalf of which login should be effected.
> Since the Engine LoginServlet already supports a "resource" request parameter to convey to authentication handlers where to go to after successful login we use a request attribute of the same name to indicate this situation.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Reopened: (SLING-1182) Add support to set resource to which
login is requested
Posted by "Felix Meschberger (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SLING-1182?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Felix Meschberger reopened SLING-1182:
--------------------------------------
The same logic must be applied to the LogoutServlet and the Authenticator.logout method
> Add support to set resource to which login is requested
> -------------------------------------------------------
>
> Key: SLING-1182
> URL: https://issues.apache.org/jira/browse/SLING-1182
> Project: Sling
> Issue Type: Improvement
> Components: Engine
> Affects Versions: Engine 2.0.6
> Reporter: Felix Meschberger
> Assignee: Felix Meschberger
> Fix For: Engine 2.1.0
>
>
> Currently the SlingAuthenticator uses the HttpServletRequest.getPathInfo() method to select an applicable authentication handler. In some situations, most notably if there is some login servlet or script (e.g. the Sling Engine LoginServlet registered at /system/sling/login), this is incorrect because the path info is the path of the login servlet and not the desired actual resource path.
> To fix this, login servlets should be able to convey a path on behalf of which login should be effected.
> Since the Engine LoginServlet already supports a "resource" request parameter to convey to authentication handlers where to go to after successful login we use a request attribute of the same name to indicate this situation.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Resolved: (SLING-1182) Add support to set resource to which
login is requested
Posted by "Felix Meschberger (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SLING-1182?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Felix Meschberger resolved SLING-1182.
--------------------------------------
Resolution: Fixed
Implemented this support in Rev. 834873.
> Add support to set resource to which login is requested
> -------------------------------------------------------
>
> Key: SLING-1182
> URL: https://issues.apache.org/jira/browse/SLING-1182
> Project: Sling
> Issue Type: Improvement
> Components: Engine
> Affects Versions: Engine 2.0.6
> Reporter: Felix Meschberger
> Assignee: Felix Meschberger
> Fix For: Engine 2.1.0
>
>
> Currently the SlingAuthenticator uses the HttpServletRequest.getPathInfo() method to select an applicable authentication handler. In some situations, most notably if there is some login servlet or script (e.g. the Sling Engine LoginServlet registered at /system/sling/login), this is incorrect because the path info is the path of the login servlet and not the desired actual resource path.
> To fix this, login servlets should be able to convey a path on behalf of which login should be effected.
> Since the Engine LoginServlet already supports a "resource" request parameter to convey to authentication handlers where to go to after successful login we use a request attribute of the same name to indicate this situation.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.