SessionTimer redirects do not account for script name

NUBIC / aker

A flexible security framework for Rack (and Rails) apps. Good for integration with legacy systems, CAS SSO (including proxying), machine and interactive authentication, and much more.

MIT License

1 stars 2 forks source link

SessionTimer redirects do not account for script name #2

Closed rsutphin closed 13 years ago

rsutphin commented 13 years ago

The session expiration middleware issues a redirect to /logout directly. It should take SCRIPT_NAME into account.

rsutphin commented 13 years ago

This issue will be mooted by #3.