Return-Path: X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183]) by cust-asf2.ponee.io (Postfix) with ESMTP id B5096200D0C for ; Wed, 20 Sep 2017 14:31:05 +0200 (CEST) Received: by cust-asf.ponee.io (Postfix) id B3B3A1609E5; Wed, 20 Sep 2017 12:31:05 +0000 (UTC) Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by cust-asf.ponee.io (Postfix) with SMTP id 0170C1609E1 for ; Wed, 20 Sep 2017 14:31:04 +0200 (CEST) Received: (qmail 6521 invoked by uid 500); 20 Sep 2017 12:31:03 -0000 Mailing-List: contact dev-help@sling.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@sling.apache.org Delivered-To: mailing list dev@sling.apache.org Received: (qmail 6510 invoked by uid 99); 20 Sep 2017 12:31:03 -0000 Received: from pnap-us-west-generic-nat.apache.org (HELO spamd2-us-west.apache.org) (209.188.14.142) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 20 Sep 2017 12:31:03 +0000 Received: from localhost (localhost [127.0.0.1]) by spamd2-us-west.apache.org (ASF Mail Server at spamd2-us-west.apache.org) with ESMTP id 6EFC01A3B1A for ; Wed, 20 Sep 2017 12:31:03 +0000 (UTC) X-Virus-Scanned: Debian amavisd-new at spamd2-us-west.apache.org X-Spam-Flag: NO X-Spam-Score: -99.202 X-Spam-Level: X-Spam-Status: No, score=-99.202 tagged_above=-999 required=6.31 tests=[KAM_ASCII_DIVIDERS=0.8, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001, USER_IN_WHITELIST=-100] autolearn=disabled Received: from mx1-lw-us.apache.org ([10.40.0.8]) by localhost (spamd2-us-west.apache.org [10.40.0.9]) (amavisd-new, port 10024) with ESMTP id Jo9KWe2GMAJf for ; Wed, 20 Sep 2017 12:31:02 +0000 (UTC) Received: from mailrelay1-us-west.apache.org (mailrelay1-us-west.apache.org [209.188.14.139]) by mx1-lw-us.apache.org (ASF Mail Server at mx1-lw-us.apache.org) with ESMTP id 0D5845FDBC for ; Wed, 20 Sep 2017 12:31:02 +0000 (UTC) Received: from jira-lw-us.apache.org (unknown [207.244.88.139]) by mailrelay1-us-west.apache.org (ASF Mail Server at mailrelay1-us-west.apache.org) with ESMTP id 6BCF5E0373 for ; Wed, 20 Sep 2017 12:31:01 +0000 (UTC) Received: from jira-lw-us.apache.org (localhost [127.0.0.1]) by jira-lw-us.apache.org (ASF Mail Server at jira-lw-us.apache.org) with ESMTP id B91D021900 for ; Wed, 20 Sep 2017 12:31:00 +0000 (UTC) Date: Wed, 20 Sep 2017 12:31:00 +0000 (UTC) From: "Robert Munteanu (JIRA)" To: dev@sling.apache.org Message-ID: In-Reply-To: References: Subject: [jira] [Closed] (SLING-1847) Redirect after logout does not work with form authentication MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 archived-at: Wed, 20 Sep 2017 12:31:05 -0000 [ https://issues.apache.org/jira/browse/SLING-1847?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Robert Munteanu closed SLING-1847. ---------------------------------- > Redirect after logout does not work with form authentication > ------------------------------------------------------------ > > Key: SLING-1847 > URL: https://issues.apache.org/jira/browse/SLING-1847 > Project: Sling > Issue Type: Bug > Components: Authentication > Affects Versions: Form Based Authentication 1.0.0, Auth Core 1.0.2 > Reporter: Eric Norman > Assignee: Eric Norman > Fix For: Form Based Authentication 1.0.4 > > > The redirectAfterLogout method of org.apache.sling.auth.core.impl.SlingAuthenticator is looking for a request attribute or parameter named "resource" to decide where to redirect after logout. > But, if there is a request parameter named "resource" on the request, the request never makes it to the LogoutServlet because the authenticationSucceeded method of the FormAuthenticationHandler is also looking for a request parameter with the same name and immediately redirecting to the specified resource which terminates the rest of the request processing. The user is never logged out before redirecting to the resource. -- This message was sent by Atlassian JIRA (v6.4.14#64029)