This is an automated email from the ASF dual-hosted git repository.
lprimak pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/shiro.git
The following commit(s) were added to refs/heads/main by this push:
new f556a12e7 bugfix(jakarta-ee): form resubmit: login submit response
processing fixed (#2632)
f556a12e7 is described below
commit f556a12e76ab2fad34ddc6731a980f721561aae9
Author: Lenny Primak <[email protected]>
AuthorDate: Sun Mar 15 00:09:16 2026 -0500
bugfix(jakarta-ee): form resubmit: login submit response processing fixed
(#2632)
---
.../org/apache/shiro/ee/filters/FormResubmitSupport.java | 15 ++++++++-------
.../java/org/apache/shiro/ee/filters/ShiroFilter.java | 2 +-
2 files changed, 9 insertions(+), 8 deletions(-)
diff --git
a/support/jakarta-ee/src/main/java/org/apache/shiro/ee/filters/FormResubmitSupport.java
b/support/jakarta-ee/src/main/java/org/apache/shiro/ee/filters/FormResubmitSupport.java
index f2c3cdec7..95447f342 100644
---
a/support/jakarta-ee/src/main/java/org/apache/shiro/ee/filters/FormResubmitSupport.java
+++
b/support/jakarta-ee/src/main/java/org/apache/shiro/ee/filters/FormResubmitSupport.java
@@ -288,7 +288,7 @@ public class FormResubmitSupport {
String formData = getSavedFormDataFromKey(savedFormDataKey);
if (formData != null) {
Optional.ofNullable(resubmitSavedForm(formData, savedRequest,
- request, response, request.getServletContext(), false))
+ request, response, request.getServletContext(), false,
true))
.ifPresent(path -> doFacesRedirect(request, response,
path));
doRedirectAtEnd = false;
} else {
@@ -369,7 +369,7 @@ public class FormResubmitSupport {
static String resubmitSavedForm(@NonNull String savedFormData, @NonNull
String savedRequest,
HttpServletRequest originalRequest, HttpServletResponse
originalResponse,
- ServletContext servletContext, boolean rememberedAjaxResubmit)
+ ServletContext servletContext, boolean rememberedAjaxResubmit,
boolean redirect)
throws InterruptedException, IOException {
if (log.isDebugEnabled()) {
log.debug("saved form data: {}", savedFormData);
@@ -401,12 +401,13 @@ public class FormResubmitSupport {
var redirectResponse = client.send(redirectRequest,
HttpResponse.BodyHandlers.ofString());
log.debug("Redirect request: {}, response: {}", redirectRequest,
redirectResponse);
return processResubmitResponse(redirectResponse, originalRequest,
originalResponse,
- response.headers(), savedRequest, servletContext, true,
rememberedAjaxResubmit);
+ response.headers(), savedRequest, servletContext,
+ true, rememberedAjaxResubmit, redirect);
} else {
deleteCookie(originalResponse, servletContext,
SHIRO_FORM_DATA_KEY);
return processResubmitResponse(response, originalRequest,
originalResponse,
response.headers(), savedRequest, servletContext,
- decodedFormData.isPartialAjaxRequest,
rememberedAjaxResubmit);
+ decodedFormData.isPartialAjaxRequest,
rememberedAjaxResubmit, redirect);
}
}
@@ -465,11 +466,11 @@ public class FormResubmitSupport {
return noJSFAjaxRequests(savedFormData, isStateless);
}
- @SuppressWarnings("fallthrough")
+ @SuppressWarnings({"fallthrough", "checkstyle:ParameterNumber"})
private static String processResubmitResponse(HttpResponse<String>
response,
HttpServletRequest originalRequest, HttpServletResponse
originalResponse,
HttpHeaders headers, String savedRequest, ServletContext
servletContext,
- boolean isPartialAjaxRequest, boolean rememberedAjaxResubmit)
throws IOException {
+ boolean isPartialAjaxRequest, boolean rememberedAjaxResubmit,
boolean redirect) throws IOException {
switch (response.statusCode()) {
case FOUND:
if (rememberedAjaxResubmit) {
@@ -486,7 +487,7 @@ public class FormResubmitSupport {
.startsWith(getSessionCookieName(servletContext, getSecurityManager()))))
.forEach(entry -> addCookie(originalResponse,
servletContext,
entry.getKey(), entry.getValue(), -1));
- if (response.statusCode() == FOUND && isPartialAjaxRequest) {
+ if ((response.statusCode() == FOUND || redirect) &&
isPartialAjaxRequest) {
originalResponse.setHeader(CONTENT_TYPE, TEXT_XML);
originalResponse.setCharacterEncoding(StandardCharsets.UTF_8.name());
originalResponse.getWriter().append(String.format(
diff --git
a/support/jakarta-ee/src/main/java/org/apache/shiro/ee/filters/ShiroFilter.java
b/support/jakarta-ee/src/main/java/org/apache/shiro/ee/filters/ShiroFilter.java
index 3850e30df..bd00a6440 100644
---
a/support/jakarta-ee/src/main/java/org/apache/shiro/ee/filters/ShiroFilter.java
+++
b/support/jakarta-ee/src/main/java/org/apache/shiro/ee/filters/ShiroFilter.java
@@ -251,7 +251,7 @@ public class ShiroFilter extends
org.apache.shiro.web.servlet.ShiroFilter {
Optional.ofNullable(resubmitSavedForm(postData,
Servlets.getRequestURLWithQueryString(httpRequest),
WebUtils.toHttp(request), WebUtils.toHttp(response),
- request.getServletContext(), rememberedAjaxResubmit))
+ request.getServletContext(), rememberedAjaxResubmit,
false))
.ifPresent(url -> sendRedirect(response, url));
} else {
setCharacterEncodingIfNeeded(request);
