shiro-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Janario (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (SHIRO-528) Foward from a noSessionCreation to a path that allow should allow create session
Date Thu, 12 Mar 2015 04:46:38 GMT

     [ https://issues.apache.org/jira/browse/SHIRO-528?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Janario updated SHIRO-528:
--------------------------
    Attachment: Clean_NoSession_Filter.patch

Attached a patch

> Foward from a noSessionCreation to a path that allow should allow create session
> --------------------------------------------------------------------------------
>
>                 Key: SHIRO-528
>                 URL: https://issues.apache.org/jira/browse/SHIRO-528
>             Project: Shiro
>          Issue Type: Bug
>          Components: Web
>    Affects Versions: 1.2.3
>         Environment: jsf, rest, shiro
>            Reporter: Janario
>         Attachments: Clean_NoSession_Filter.patch
>
>
> If I define a error-page that need session for example with jsf:
> <error-page>
> 	<error-code>404</error-code>
> 	<location>/jsf/my-notfound.xhtml</location>
> </error-page>
> Define filters as:
> [urls]
> /jsf/login.xhtml = authc
> /integrations-rest/** = anon, noSessionCreation
> /jsf/my-notfound.xhtml = anon
> /** = authc
> If I try to GET a not found url from /integrations-rest/something it will redirect to
/jsf/my-notfound.xhtml but it fails once it can't create a session.
> It should clean the request attribute in the afterCompletion method. So after foward
it will reaply the filters
> request.removeAttribute(DefaultSubjectContext.SESSION_CREATION_ENABLED);



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message