sling-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Robert Munteanu (JIRA)" <j...@apache.org>
Subject [jira] [Closed] (SLING-1847) Redirect after logout does not work with form authentication
Date Wed, 20 Sep 2017 12:31:00 GMT

     [ https://issues.apache.org/jira/browse/SLING-1847?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Robert Munteanu closed SLING-1847.
----------------------------------

> Redirect after logout does not work with form authentication
> ------------------------------------------------------------
>
>                 Key: SLING-1847
>                 URL: https://issues.apache.org/jira/browse/SLING-1847
>             Project: Sling
>          Issue Type: Bug
>          Components: Authentication
>    Affects Versions: Form Based Authentication 1.0.0, Auth Core 1.0.2
>            Reporter: Eric Norman
>            Assignee: Eric Norman
>             Fix For: Form Based Authentication 1.0.4
>
>
> The redirectAfterLogout method of org.apache.sling.auth.core.impl.SlingAuthenticator
is looking for a request attribute or parameter named "resource" to decide where to redirect
after logout.
> But, if there is a request parameter named "resource" on the request, the request never
makes it to the LogoutServlet because the authenticationSucceeded method of the FormAuthenticationHandler
is also looking for a request parameter with the same name and immediately redirecting to
the specified resource which terminates the rest of the request processing.  The user is never
logged out before redirecting to the resource.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Mime
View raw message