geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Erin Mulder (JIRA)" <...@geronimo.apache.org>
Subject [jira] Assigned: (GERONIMO-1767) bad group for console has no error page that allows user logout/correction
Date Mon, 15 May 2006 23:10:07 GMT
     [ http://issues.apache.org/jira/browse/GERONIMO-1767?page=all ]

Erin Mulder reassigned GERONIMO-1767:
-------------------------------------

    Assign To: Greg Wilkins

A quick workaround for this would be to add the following to applications/console-framework/src/webapp/WEB-INF/web.xml:

<error-page>
   <error-code>403</error-code>
   <location>/logout.jsp</location>
</error-page>

However, this isn't actually getting invoked correctly in Jetty.  (The equivalent 404 error
page works fine, but a 403 error page doesn't work, even with a static HTML page as the location.
  It just forwards to the standard Jetty error page.)

Error gets generated in/around o.a.g.jetty.interceptor.SecurityContextBeforeAfter, line 221.


> bad group for console has no error page that allows user logout/correction
> --------------------------------------------------------------------------
>
>          Key: GERONIMO-1767
>          URL: http://issues.apache.org/jira/browse/GERONIMO-1767
>      Project: Geronimo
>         Type: Bug
>     Security: public(Regular issues) 
>   Components: console
>     Versions: 1.0
>  Environment: Windows XP, JDK 1.5.0_05
>     Reporter: Joseph B. Ottinger
>     Assignee: Greg Wilkins
>     Priority: Minor

>
> I created another admin user, called "admin," but forgot to add it to the admin group.
When I logged in to the console with this user, I was given an invalid access exception, which
is not good, because I needed to log that user out to be able to log in with a valid user
(i.e., with correct group access) to fix it.
> This is a fairly minor and I imagine uncommon problem, but it's a simple UI thing that
should be easy to fix.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
   http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
   http://www.atlassian.com/software/jira


Mime
View raw message