You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@sling.apache.org by Guillaume Lucazeau <gl...@gmail.com> on 2016/02/09 15:55:54 UTC
Re: Custom login form with a JSP
Hello,
There was a few typos and missing stuff in my previous message, so I've
finally made it work.
However, I still see an issue, related to the context path. The
documentation here [1] says:
form.login.form /system/sling/form/login The URL (without any context path
prefix) to redirect the client to to present the login form.
So my configuration is : form.login.form = /apps/opal/loginNode.html
With a basic launchpad (Sling 7), accessing my protected node at
http://localhost:8080/content/opal.html redirects me to
http://localhost:8080/apps/opal/loginNode.html, which is expected.
However, if I start my lauchpad with a context (-r /test), trying to reach
http://localhost:8081/test/content/opal.html redirects me to
http://localhost:8081/test/index.html
If I change form.login.form value to "/test/apps/opal/loginNode.html", I'm
redirected to the login form.
Did I miss something here?
Thank you,
Guillaume
[1]
https://sling.apache.org/documentation/the-sling-engine/authentication/authentication-authenticationhandler/form-based-authenticationhandler.html
On Fri, Jan 29, 2016 at 2:59 PM, Guillaume Lucazeau <gl...@gmail.com>
wrote:
> Hello Julian,
>
> Thank you for your reply. I've setup a clean Sling launchpad and made sure
> anonymous access was allowed (auth.annonymous in Apache Sling
> Authentication Service if I'm right).
>
> I've created simple content :
> /content/opal/protected/subnode and /content/opal/unprotected/subnode
>
> And then set up this configuration:
>
> Apache Sling Authentication Service
> sling.auth.requirements = +/content/opal/protected
>
> Apache Sling Form Based Authentication Handler
> form.login.form = /app/opal/loginNode (opal/login)
>
> loginNode has sling:resourceType = opal/login and a corresponding view in
> /apps/opal/login/html.jsp
>
> It then worked (i.e. I was redirected to my custom login form) for a few
> times but somehow it stopped working. I don't know what I did exactly but
> now if I try to access "
> http://localhost:8080/content/opal/protected/subnode.json" the "html.jsp"
> is offered for download but not displayed anymore.
>
> I also noticed the properties set above are sometimes reinitialized
> mysteriously. And once the system/login form went unaccessible (403 on it I
> think, couldn't log in Composum either) and I had to reinstall.
>
> So I don't know if this "fake node" is the right way to go, just to use a
> JSP instead of a static HTML file
>
> Best regards,
> Guillaume
>
> On Wed, Jan 13, 2016 at 4:59 PM, Julian Sedding <js...@gmail.com>
> wrote:
>
>> Hello Guillaume
>>
>> Maybe you cannot render the resource, because the "anonymous" user
>> does not have read permissions? If you want to have a resource based
>> login page, you need to allow "anonymous" read access.
>>
>> Hope this help!
>>
>> Regards
>> Julian
>>
>> On Wed, Jan 13, 2016 at 4:15 PM, Guillaume Lucazeau <gl...@gmail.com>
>> wrote:
>> > Hello,
>> >
>> > I would like to provide a custom form reusing the form authentication
>> > provided by Sling, so I have followed this example:
>> > https://github.com/apache/sling/tree/trunk/samples/custom-login-form
>> >
>> > I works well with a static page, however I would like to reuse the
>> > header/footer fragments that I usually include with <sling:include> in
>> my
>> > application, to get the Javascript and CSS files.
>> >
>> > Is it possible to use a JSP there, while keeping the authentication
>> > mechanism provided by Sling?
>> >
>> > I didn't succeed to serve a page based on a resource for the
>> authentication
>> > page, and didn't find much online.
>> >
>> > Thank you
>> > Guillaume
>>
>
>
Re: Custom login form with a JSP
Posted by Guillaume Lucazeau <gl...@gmail.com>.
Hello again,
I see this error in the logs when I try to access protected content:
10.02.2016 12:08:58.331 *WARN* [qtp1324180225-41]
org.apache.sling.auth.core.AuthUtil isRedirectValid: Redirect target
'/apps/opal/loginNode.html' does not start with servlet context path '/test'
As stated by the documentation, I did not put the context path in the login
form path. I can put it, but then the context path will be hard coded in
the value.
I have the same error with a very simple Sling launchpad, 7 or 8, just
started with "-r /test", when I click on "follow this link
<http://localhost:8081/test/system/sling/login>." on the index page:
10.02.2016 11:45:36.113 *WARN* [0:0:0:0:0:0:0:1 [1455101136113] GET
/test/system/sling/login HTTP/1.1] org.apache.sling.auth.core.AuthUtil
isRedirectValid: Redirect target '/system/sling/form/login' does not start
with servlet context path '/test'
Is anybody else using this form authentication with a context path?
Thank you,
Guillaume
On Tue, Feb 9, 2016 at 4:28 PM, Guillaume Lucazeau <gl...@gmail.com>
wrote:
> I see the same problem with the default value: /system/sling/form/login
>
>
> I need to add the context path otherwise I'm redirected to the Sling index
> page.
>
> Any idea of what I'm doing wrong?
>
> Thank you for your help
> Guillaume
>
> On Tue, Feb 9, 2016 at 3:55 PM, Guillaume Lucazeau <gl...@gmail.com>
> wrote:
>
>> Hello,
>>
>> There was a few typos and missing stuff in my previous message, so I've
>> finally made it work.
>>
>> However, I still see an issue, related to the context path. The
>> documentation here [1] says:
>>
>> form.login.form /system/sling/form/login The URL (without any context
>> path prefix) to redirect the client to to present the login form.
>> So my configuration is : form.login.form = /apps/opal/loginNode.html
>>
>> With a basic launchpad (Sling 7), accessing my protected node at
>> http://localhost:8080/content/opal.html redirects me to
>> http://localhost:8080/apps/opal/loginNode.html, which is expected.
>>
>> However, if I start my lauchpad with a context (-r /test), trying to
>> reach http://localhost:8081/test/content/opal.html redirects me to
>> http://localhost:8081/test/index.html
>>
>> If I change form.login.form value to "/test/apps/opal/loginNode.html",
>> I'm redirected to the login form.
>>
>> Did I miss something here?
>>
>> Thank you,
>> Guillaume
>>
>> [1]
>> https://sling.apache.org/documentation/the-sling-engine/authentication/authentication-authenticationhandler/form-based-authenticationhandler.html
>>
>> On Fri, Jan 29, 2016 at 2:59 PM, Guillaume Lucazeau <gl...@gmail.com>
>> wrote:
>>
>>> Hello Julian,
>>>
>>> Thank you for your reply. I've setup a clean Sling launchpad and made
>>> sure anonymous access was allowed (auth.annonymous in Apache Sling
>>> Authentication Service if I'm right).
>>>
>>> I've created simple content :
>>> /content/opal/protected/subnode and /content/opal/unprotected/subnode
>>>
>>> And then set up this configuration:
>>>
>>> Apache Sling Authentication Service
>>> sling.auth.requirements = +/content/opal/protected
>>>
>>> Apache Sling Form Based Authentication Handler
>>> form.login.form = /app/opal/loginNode (opal/login)
>>>
>>> loginNode has sling:resourceType = opal/login and a corresponding view
>>> in /apps/opal/login/html.jsp
>>>
>>> It then worked (i.e. I was redirected to my custom login form) for a few
>>> times but somehow it stopped working. I don't know what I did exactly but
>>> now if I try to access "
>>> http://localhost:8080/content/opal/protected/subnode.json" the
>>> "html.jsp" is offered for download but not displayed anymore.
>>>
>>> I also noticed the properties set above are sometimes reinitialized
>>> mysteriously. And once the system/login form went unaccessible (403 on it I
>>> think, couldn't log in Composum either) and I had to reinstall.
>>>
>>> So I don't know if this "fake node" is the right way to go, just to use
>>> a JSP instead of a static HTML file
>>>
>>> Best regards,
>>> Guillaume
>>>
>>> On Wed, Jan 13, 2016 at 4:59 PM, Julian Sedding <js...@gmail.com>
>>> wrote:
>>>
>>>> Hello Guillaume
>>>>
>>>> Maybe you cannot render the resource, because the "anonymous" user
>>>> does not have read permissions? If you want to have a resource based
>>>> login page, you need to allow "anonymous" read access.
>>>>
>>>> Hope this help!
>>>>
>>>> Regards
>>>> Julian
>>>>
>>>> On Wed, Jan 13, 2016 at 4:15 PM, Guillaume Lucazeau <
>>>> glucazeau@gmail.com> wrote:
>>>> > Hello,
>>>> >
>>>> > I would like to provide a custom form reusing the form authentication
>>>> > provided by Sling, so I have followed this example:
>>>> > https://github.com/apache/sling/tree/trunk/samples/custom-login-form
>>>> >
>>>> > I works well with a static page, however I would like to reuse the
>>>> > header/footer fragments that I usually include with <sling:include>
>>>> in my
>>>> > application, to get the Javascript and CSS files.
>>>> >
>>>> > Is it possible to use a JSP there, while keeping the authentication
>>>> > mechanism provided by Sling?
>>>> >
>>>> > I didn't succeed to serve a page based on a resource for the
>>>> authentication
>>>> > page, and didn't find much online.
>>>> >
>>>> > Thank you
>>>> > Guillaume
>>>>
>>>
>>>
>>
>
Re: Custom login form with a JSP
Posted by Guillaume Lucazeau <gl...@gmail.com>.
I see the same problem with the default value: /system/sling/form/login
I need to add the context path otherwise I'm redirected to the Sling index
page.
Any idea of what I'm doing wrong?
Thank you for your help
Guillaume
On Tue, Feb 9, 2016 at 3:55 PM, Guillaume Lucazeau <gl...@gmail.com>
wrote:
> Hello,
>
> There was a few typos and missing stuff in my previous message, so I've
> finally made it work.
>
> However, I still see an issue, related to the context path. The
> documentation here [1] says:
>
> form.login.form /system/sling/form/login The URL (without any context
> path prefix) to redirect the client to to present the login form.
> So my configuration is : form.login.form = /apps/opal/loginNode.html
>
> With a basic launchpad (Sling 7), accessing my protected node at
> http://localhost:8080/content/opal.html redirects me to
> http://localhost:8080/apps/opal/loginNode.html, which is expected.
>
> However, if I start my lauchpad with a context (-r /test), trying to reach
> http://localhost:8081/test/content/opal.html redirects me to
> http://localhost:8081/test/index.html
>
> If I change form.login.form value to "/test/apps/opal/loginNode.html", I'm
> redirected to the login form.
>
> Did I miss something here?
>
> Thank you,
> Guillaume
>
> [1]
> https://sling.apache.org/documentation/the-sling-engine/authentication/authentication-authenticationhandler/form-based-authenticationhandler.html
>
> On Fri, Jan 29, 2016 at 2:59 PM, Guillaume Lucazeau <gl...@gmail.com>
> wrote:
>
>> Hello Julian,
>>
>> Thank you for your reply. I've setup a clean Sling launchpad and made
>> sure anonymous access was allowed (auth.annonymous in Apache Sling
>> Authentication Service if I'm right).
>>
>> I've created simple content :
>> /content/opal/protected/subnode and /content/opal/unprotected/subnode
>>
>> And then set up this configuration:
>>
>> Apache Sling Authentication Service
>> sling.auth.requirements = +/content/opal/protected
>>
>> Apache Sling Form Based Authentication Handler
>> form.login.form = /app/opal/loginNode (opal/login)
>>
>> loginNode has sling:resourceType = opal/login and a corresponding view in
>> /apps/opal/login/html.jsp
>>
>> It then worked (i.e. I was redirected to my custom login form) for a few
>> times but somehow it stopped working. I don't know what I did exactly but
>> now if I try to access "
>> http://localhost:8080/content/opal/protected/subnode.json" the
>> "html.jsp" is offered for download but not displayed anymore.
>>
>> I also noticed the properties set above are sometimes reinitialized
>> mysteriously. And once the system/login form went unaccessible (403 on it I
>> think, couldn't log in Composum either) and I had to reinstall.
>>
>> So I don't know if this "fake node" is the right way to go, just to use a
>> JSP instead of a static HTML file
>>
>> Best regards,
>> Guillaume
>>
>> On Wed, Jan 13, 2016 at 4:59 PM, Julian Sedding <js...@gmail.com>
>> wrote:
>>
>>> Hello Guillaume
>>>
>>> Maybe you cannot render the resource, because the "anonymous" user
>>> does not have read permissions? If you want to have a resource based
>>> login page, you need to allow "anonymous" read access.
>>>
>>> Hope this help!
>>>
>>> Regards
>>> Julian
>>>
>>> On Wed, Jan 13, 2016 at 4:15 PM, Guillaume Lucazeau <gl...@gmail.com>
>>> wrote:
>>> > Hello,
>>> >
>>> > I would like to provide a custom form reusing the form authentication
>>> > provided by Sling, so I have followed this example:
>>> > https://github.com/apache/sling/tree/trunk/samples/custom-login-form
>>> >
>>> > I works well with a static page, however I would like to reuse the
>>> > header/footer fragments that I usually include with <sling:include> in
>>> my
>>> > application, to get the Javascript and CSS files.
>>> >
>>> > Is it possible to use a JSP there, while keeping the authentication
>>> > mechanism provided by Sling?
>>> >
>>> > I didn't succeed to serve a page based on a resource for the
>>> authentication
>>> > page, and didn't find much online.
>>> >
>>> > Thank you
>>> > Guillaume
>>>
>>
>>
>