JCatapult security saved request is missing URL parameters

Letractively / jcatapult

Automatically exported from code.google.com/p/jcatapult

0 stars 0 forks source link

JCatapult security saved request is missing URL parameters #16

Closed GoogleCodeExporter closed 8 years ago

GoogleCodeExporter commented 8 years ago

What steps will reproduce the problem?
1. Let session expire
2. Access protected URL that contains parameters (i.e. /admin/users/edit?id=3)
3. Log in
4. Notice that the redirect URL is missing parameters

What is the expected output? What do you see instead?

You should be redirected back to the exact same URL that you requested, but
currently the URL request parameters are being dropped.

Original issue reported on code.google.com by bpontare...@gmail.com on 5 Mar 2008 at 4:14

GoogleCodeExporter commented 8 years ago

Original comment by bpontare...@gmail.com on 12 Mar 2008 at 3:50

Added labels: Component-Security, OpSys-All, TargetRelease-1.0-M2

GoogleCodeExporter commented 8 years ago

Original comment by bpontare...@gmail.com on 18 Mar 2008 at 3:17

Added labels: Milestone-1.0-M2
Removed labels: TargetRelease-1.0-M2

GoogleCodeExporter commented 8 years ago

Original comment by bpontare...@gmail.com on 18 Mar 2008 at 4:17

GoogleCodeExporter commented 8 years ago

Fixed this inside the DefaultSavedRequestService by correctly handling the
differences between GET and POST saved requests. For a GET there is no need for 
the
facade because all parameters are on the URL. In addition, the URI that is used 
for
the redirect after successful login now contains GET parameters.

The fix is in JCatapult-Security changeset #496.

Original comment by bpontare...@gmail.com on 19 Mar 2008 at 4:35

Changed state: Fixed