You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@sling.apache.org by "Justin Edelson (JIRA)" <ji...@apache.org> on 2010/09/10 19:43:33 UTC
[jira] Created: (SLING-1752) post-login redirect doesn't include
context path
post-login redirect doesn't include context path
------------------------------------------------
Key: SLING-1752
URL: https://issues.apache.org/jira/browse/SLING-1752
Project: Sling
Issue Type: Bug
Components: Authentication
Reporter: Justin Edelson
to reproduce:
in launchpad/builder run
mvn -Djetty.sling.context=/sling clean jetty:run-war
then go to http://localhost:8888/sling/, try to log in, and then see that you're redirected to "/", not "/sling/"
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (SLING-1752) post-login redirect doesn't include
context path
Posted by "Felix Meschberger (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SLING-1752?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Felix Meschberger updated SLING-1752:
-------------------------------------
Fix Version/s: OpenID Authentication 1.0.2
Auth Selector 1.0.2
Affects Version/s: Auth Core 1.0.2
Auth Selector 1.0.0
Form Based Authentication 1.0.0
OpenID Authentication 1.0.0
> post-login redirect doesn't include context path
> ------------------------------------------------
>
> Key: SLING-1752
> URL: https://issues.apache.org/jira/browse/SLING-1752
> Project: Sling
> Issue Type: Bug
> Components: Authentication
> Affects Versions: OpenID Authentication 1.0.0, Form Based Authentication 1.0.0, Auth Selector 1.0.0, Auth Core 1.0.2
> Reporter: Justin Edelson
> Assignee: Felix Meschberger
> Fix For: OpenID Authentication 1.0.2, Form Based Authentication 1.0.2, Auth Selector 1.0.2, Auth Core 1.0.4
>
>
> to reproduce:
> in launchpad/builder run
> mvn -Djetty.sling.context=/sling clean jetty:run-war
> then go to http://localhost:8888/sling/, try to log in, and then see that you're redirected to "/", not "/sling/"
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Assigned: (SLING-1752) post-login redirect doesn't include
context path
Posted by "Felix Meschberger (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SLING-1752?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Felix Meschberger reassigned SLING-1752:
----------------------------------------
Assignee: Felix Meschberger
> post-login redirect doesn't include context path
> ------------------------------------------------
>
> Key: SLING-1752
> URL: https://issues.apache.org/jira/browse/SLING-1752
> Project: Sling
> Issue Type: Bug
> Components: Authentication
> Reporter: Justin Edelson
> Assignee: Felix Meschberger
>
> to reproduce:
> in launchpad/builder run
> mvn -Djetty.sling.context=/sling clean jetty:run-war
> then go to http://localhost:8888/sling/, try to log in, and then see that you're redirected to "/", not "/sling/"
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
Re: [jira] Resolved: (SLING-1752) post-login redirect doesn't include
context path
Posted by Felix Meschberger <fm...@gmail.com>.
Hi,
Am 13.09.2010 16:20, schrieb Justin Edelson:
> This is perhaps a minor semantic point, but this parameter really
> shouldn't be called "resource" if it contains the servlet context path.
> It might be too late to change it now, but perhaps this is worthy of a
> comment someplace (although I'm not sure where).
Yes, I agree. In fact, I wanted to change this name earlier on but could
not do it for backwards compatibility reasons.
It is not really a resource in Sling ResourceProvider terms (actually
never really has been) but rather kind of an authentication target path,
and thus a resource in REST terms.
Of course we could introduce a new name and keep on supporting the old
name....
Regards
Felix
>
> Justin
>
> On 9/13/10 6:13 AM, Felix Meschberger (JIRA) wrote:
>>
>> [ https://issues.apache.org/jira/browse/SLING-1752?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
>>
>> Felix Meschberger resolved SLING-1752.
>> --------------------------------------
>>
>> Fix Version/s: Form Based Authentication 1.0.2
>> Auth Core 1.0.4
>> Resolution: Fixed
>>
>> Issue is tha tthe redirect based on the resource request parameter and/or attribute has been implemented slightly differently in all kinds of locations in the auth modules.
>>
>> Introducing a new AbstractAuthenticationHandler.setLoginResourceAttribute method which allows to set the "resource" request attribute as follows:
>>
>> * if the attribute is already set as a non-empty string, do nothing
>> * If the "resource" request parameter is set as a non-empty string, use that
>> * If a non-empty, non-null default value is given, use that
>> * Otherwise fall back to the servlet context root path (or "/" if context root path is the empty string for the root context)
>>
>> Implemented in authentication Core, Form, OpenID, and Selector Form in Rev. 996477
>>
>>> post-login redirect doesn't include context path
>>> ------------------------------------------------
>>>
>>> Key: SLING-1752
>>> URL: https://issues.apache.org/jira/browse/SLING-1752
>>> Project: Sling
>>> Issue Type: Bug
>>> Components: Authentication
>>> Reporter: Justin Edelson
>>> Assignee: Felix Meschberger
>>> Fix For: Form Based Authentication 1.0.2, Auth Core 1.0.4
>>>
>>>
>>> to reproduce:
>>> in launchpad/builder run
>>> mvn -Djetty.sling.context=/sling clean jetty:run-war
>>> then go to http://localhost:8888/sling/, try to log in, and then see that you're redirected to "/", not "/sling/"
>>
>
>
Re: [jira] Resolved: (SLING-1752) post-login redirect doesn't include
context path
Posted by Justin Edelson <ju...@gmail.com>.
This is perhaps a minor semantic point, but this parameter really
shouldn't be called "resource" if it contains the servlet context path.
It might be too late to change it now, but perhaps this is worthy of a
comment someplace (although I'm not sure where).
Justin
On 9/13/10 6:13 AM, Felix Meschberger (JIRA) wrote:
>
> [ https://issues.apache.org/jira/browse/SLING-1752?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
>
> Felix Meschberger resolved SLING-1752.
> --------------------------------------
>
> Fix Version/s: Form Based Authentication 1.0.2
> Auth Core 1.0.4
> Resolution: Fixed
>
> Issue is tha tthe redirect based on the resource request parameter and/or attribute has been implemented slightly differently in all kinds of locations in the auth modules.
>
> Introducing a new AbstractAuthenticationHandler.setLoginResourceAttribute method which allows to set the "resource" request attribute as follows:
>
> * if the attribute is already set as a non-empty string, do nothing
> * If the "resource" request parameter is set as a non-empty string, use that
> * If a non-empty, non-null default value is given, use that
> * Otherwise fall back to the servlet context root path (or "/" if context root path is the empty string for the root context)
>
> Implemented in authentication Core, Form, OpenID, and Selector Form in Rev. 996477
>
>> post-login redirect doesn't include context path
>> ------------------------------------------------
>>
>> Key: SLING-1752
>> URL: https://issues.apache.org/jira/browse/SLING-1752
>> Project: Sling
>> Issue Type: Bug
>> Components: Authentication
>> Reporter: Justin Edelson
>> Assignee: Felix Meschberger
>> Fix For: Form Based Authentication 1.0.2, Auth Core 1.0.4
>>
>>
>> to reproduce:
>> in launchpad/builder run
>> mvn -Djetty.sling.context=/sling clean jetty:run-war
>> then go to http://localhost:8888/sling/, try to log in, and then see that you're redirected to "/", not "/sling/"
>
[jira] Resolved: (SLING-1752) post-login redirect doesn't include
context path
Posted by "Felix Meschberger (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SLING-1752?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Felix Meschberger resolved SLING-1752.
--------------------------------------
Fix Version/s: Form Based Authentication 1.0.2
Auth Core 1.0.4
Resolution: Fixed
Issue is tha tthe redirect based on the resource request parameter and/or attribute has been implemented slightly differently in all kinds of locations in the auth modules.
Introducing a new AbstractAuthenticationHandler.setLoginResourceAttribute method which allows to set the "resource" request attribute as follows:
* if the attribute is already set as a non-empty string, do nothing
* If the "resource" request parameter is set as a non-empty string, use that
* If a non-empty, non-null default value is given, use that
* Otherwise fall back to the servlet context root path (or "/" if context root path is the empty string for the root context)
Implemented in authentication Core, Form, OpenID, and Selector Form in Rev. 996477
> post-login redirect doesn't include context path
> ------------------------------------------------
>
> Key: SLING-1752
> URL: https://issues.apache.org/jira/browse/SLING-1752
> Project: Sling
> Issue Type: Bug
> Components: Authentication
> Reporter: Justin Edelson
> Assignee: Felix Meschberger
> Fix For: Form Based Authentication 1.0.2, Auth Core 1.0.4
>
>
> to reproduce:
> in launchpad/builder run
> mvn -Djetty.sling.context=/sling clean jetty:run-war
> then go to http://localhost:8888/sling/, try to log in, and then see that you're redirected to "/", not "/sling/"
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (SLING-1752) post-login redirect doesn't include
context path
Posted by "Felix Meschberger (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SLING-1752?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12908319#action_12908319 ]
Felix Meschberger commented on SLING-1752:
------------------------------------------
Quickly checked the form authentication handler: This redirects to the contents of the "resource" request attribute or parameter, which defaults to "/" which should really default to the context root (request.getContextPath()) and only be "/" if the context path is empty.
Going to fix this at least for the form authentication handler and verifying the OpenID authentication handler at the same time.
> post-login redirect doesn't include context path
> ------------------------------------------------
>
> Key: SLING-1752
> URL: https://issues.apache.org/jira/browse/SLING-1752
> Project: Sling
> Issue Type: Bug
> Components: Authentication
> Reporter: Justin Edelson
> Assignee: Felix Meschberger
>
> to reproduce:
> in launchpad/builder run
> mvn -Djetty.sling.context=/sling clean jetty:run-war
> then go to http://localhost:8888/sling/, try to log in, and then see that you're redirected to "/", not "/sling/"
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (SLING-1752) post-login redirect doesn't include
context path
Posted by "Justin Edelson (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SLING-1752?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12908323#action_12908323 ]
Justin Edelson commented on SLING-1752:
---------------------------------------
makes sense.
> post-login redirect doesn't include context path
> ------------------------------------------------
>
> Key: SLING-1752
> URL: https://issues.apache.org/jira/browse/SLING-1752
> Project: Sling
> Issue Type: Bug
> Components: Authentication
> Reporter: Justin Edelson
> Assignee: Felix Meschberger
>
> to reproduce:
> in launchpad/builder run
> mvn -Djetty.sling.context=/sling clean jetty:run-war
> then go to http://localhost:8888/sling/, try to log in, and then see that you're redirected to "/", not "/sling/"
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (SLING-1752) post-login redirect doesn't include
context path
Posted by "Felix Meschberger (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SLING-1752?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12908808#action_12908808 ]
Felix Meschberger commented on SLING-1752:
------------------------------------------
Also have to increase the export version of the spi package because I added a public static method to the AbstractAuthenticationHandler class.
Done in Rev. 996558 exporting spi now as version 1.0.1
(Incrementing minor version because it provides new API to use, so clients can base their imports. But implementations of the SPI are not broken with this change.
> post-login redirect doesn't include context path
> ------------------------------------------------
>
> Key: SLING-1752
> URL: https://issues.apache.org/jira/browse/SLING-1752
> Project: Sling
> Issue Type: Bug
> Components: Authentication
> Affects Versions: OpenID Authentication 1.0.0, Form Based Authentication 1.0.0, Auth Selector 1.0.0, Auth Core 1.0.2
> Reporter: Justin Edelson
> Assignee: Felix Meschberger
> Fix For: OpenID Authentication 1.0.2, Form Based Authentication 1.0.2, Auth Selector 1.0.2, Auth Core 1.0.4
>
>
> to reproduce:
> in launchpad/builder run
> mvn -Djetty.sling.context=/sling clean jetty:run-war
> then go to http://localhost:8888/sling/, try to log in, and then see that you're redirected to "/", not "/sling/"
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.