Redirect resource is overwritten if login fails
-----------------------------------------------
Key: SLING-1669
URL: https://issues.apache.org/jira/browse/SLING-1669
Project: Sling
Issue Type: Bug
Components: Authentication
Affects Versions: Auth Core 1.0.0
Reporter: Felix Meschberger
Assignee: Felix Meschberger
Fix For: Auth Core 1.0.0
If the request has a resource parameter to signal the target location for the
authentication and authentication files, that desired target location is
overwritten with the current request URL.
The reason for this is that the SlingAuthenticator.handleSecurity method sets
the redirect attribute in the request when handling login failure without
checking whether the attribute (or parameter is set).
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
