Make direct calls to the login-page possible

ratcashdev / authenticroast

Automatically exported from code.google.com/p/authenticroast

1 stars 0 forks source link

Make direct calls to the login-page possible #15

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago

Calling the login-page directly should allow to log in and then redirect to 
some default location.

Currently the behavior is:
* 0.3.2 -> IlleagalStateException in AuthenticationManagerBase
* trunk -> forward to the login-page a second time

Original issue reported on code.google.com by aike.som...@gmail.com on 17 Nov 2010 at 1:30

GoogleCodeExporter commented 9 years ago

Original comment by aike.som...@gmail.com on 17 Nov 2010 at 1:30

Added labels: Priority-High
Removed labels: Priority-Medium

GoogleCodeExporter commented 9 years ago

Not sure about this. In the servlet/JSF world with CMA,  navigating to 
protected resources takes you there automatically, but you're not supposed to 
navigate directly to the login page.

Original comment by EsmondP...@gmail.com on 17 Nov 2010 at 10:35

Added labels: ****
Removed labels: ****

GoogleCodeExporter commented 9 years ago

I think that this is just not covered by the spec, but even if it was, it just 
makes sense to give the user (who doesnt care what some java-specs say) some 
sensible default behavior...

Original comment by aike.som...@gmail.com on 18 Nov 2010 at 8:36

Added labels: ****
Removed labels: ****

GoogleCodeExporter commented 9 years ago

I don't know whether it is covered by any spec, but a lot of users try to log 
in using the URL of the login-page. They directly bookmark THIS Url !!

Default Behavior of given JAAS-Modules in JBoss or Glassfish is that you can 
easily use the login-page.

Original comment by josef.ei...@gmail.com on 18 Nov 2010 at 4:14

Added labels: ****
Removed labels: ****

GoogleCodeExporter commented 9 years ago

This should work now. Just override getNextPath() in FormAuthenticator.

Original comment by aike.som...@gmail.com on 21 Nov 2010 at 4:57

Changed state: Fixed
Added labels: ****
Removed labels: ****

GoogleCodeExporter commented 9 years ago

I still have the behavior:
*  trunk -> forward to the login-page a second time

and I was wondering whether it should be in AuthenticationManagerBase:
    public void saveRequest(AuthenticationRequest request, String path) {
        requestHandler.saveRequest((ModifiableRequest) request, path);
    }
and not:
    public void saveRequest(AuthenticationRequest request, String path) {
        requestHandler.saveRequest((ModifiableRequest) request);
    }

see: http://code.google.com/p/authenticroast/source/detail?r=113

getNextPath ist in my case: "/"

Original comment by josef.ei...@gmail.com on 25 Nov 2010 at 9:36

Added labels: ****
Removed labels: ****

GoogleCodeExporter commented 9 years ago

Absolutely. No idea why a (real quick) test worked for me anyways.
It's commited now, please let me now, if it works.
:-)

Original comment by aike.som...@gmail.com on 26 Nov 2010 at 7:12

Added labels: ****
Removed labels: ****

GoogleCodeExporter commented 9 years ago

I'm sorry but it doesn't work:
-> forward to the login-page a second time

Original comment by josef.ei...@gmail.com on 26 Nov 2010 at 9:09

Added labels: ****
Removed labels: ****