incubator-sling-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From fmesc...@apache.org
Subject svn commit: r1029799 - /sling/trunk/bundles/auth/core/src/main/java/org/apache/sling/auth/core/spi/AbstractAuthenticationFormServlet.java
Date Mon, 01 Nov 2010 19:26:39 GMT
Author: fmeschbe
Date: Mon Nov  1 19:26:39 2010
New Revision: 1029799

URL: http://svn.apache.org/viewvc?rev=1029799&view=rev
Log:
SLING-1855 Correctly set the form action path deduced not only from
the request context path but also the actual resource the user wants
to access to make sure the form response hits the correct authentication
handler

Modified:
    sling/trunk/bundles/auth/core/src/main/java/org/apache/sling/auth/core/spi/AbstractAuthenticationFormServlet.java

Modified: sling/trunk/bundles/auth/core/src/main/java/org/apache/sling/auth/core/spi/AbstractAuthenticationFormServlet.java
URL: http://svn.apache.org/viewvc/sling/trunk/bundles/auth/core/src/main/java/org/apache/sling/auth/core/spi/AbstractAuthenticationFormServlet.java?rev=1029799&r1=1029798&r2=1029799&view=diff
==============================================================================
--- sling/trunk/bundles/auth/core/src/main/java/org/apache/sling/auth/core/spi/AbstractAuthenticationFormServlet.java
(original)
+++ sling/trunk/bundles/auth/core/src/main/java/org/apache/sling/auth/core/spi/AbstractAuthenticationFormServlet.java
Mon Nov  1 19:26:39 2010
@@ -130,7 +130,7 @@ public abstract class AbstractAuthentica
 
         form = form.replace("${resource}", getResource(request));
         form = form.replace("${j_reason}", getReason(request));
-        form = form.replace("${requestContextPath}", request.getContextPath());
+        form = form.replace("${requestContextPath}", getContextPath(request));
 
         return form;
     }
@@ -160,6 +160,35 @@ public abstract class AbstractAuthentica
     protected abstract String getReason(final HttpServletRequest request);
 
     /**
+     * Returns the context path for the authentication form request. This path
+     * includes the following parts:
+     * <ol>
+     * <li>The Servlet context path (
+     * <code>HttpServletRequest.getContextPath()</code></li>
+     * <li>The path to the authenticated resource as returned by
+     * {@link #getResource(HttpServletRequest)} (without the optional query
+     * string which may be contained in the resource path)</li>
+     * </ol>
+     *
+     * @param request The request
+     * @return The context path for the form action consisting of the request
+     *         context path and the resource to which the user is to
+     *         authenticate.
+     */
+    protected String getContextPath(final HttpServletRequest request) {
+        StringBuilder b = new StringBuilder();
+        b.append(request.getContextPath());
+        String resource = getResource(request);
+        int query = resource.indexOf('?');
+        if (query > 0) {
+            b.append(resource.substring(0, query));
+        } else {
+            b.append(resource);
+        }
+        return b.toString();
+    }
+
+    /**
      * Load the raw unmodified form from the bundle (through the class loader).
      *
      * @return The raw form as a string



Mime
View raw message