Author: fmeschbe
Date: Thu Aug 19 11:06:11 2010
New Revision: 987126
URL: http://svn.apache.org/viewvc?rev=987126&view=rev
Log:
SLING-1669 Only set the "resource" target request attribute to the request URL
if neither the parameter is present nor the attribute is already set.
Modified:
sling/trunk/bundles/auth/core/src/main/java/org/apache/sling/auth/core/impl/SlingAuthenticator.java
Modified:
sling/trunk/bundles/auth/core/src/main/java/org/apache/sling/auth/core/impl/SlingAuthenticator.java
URL:
http://svn.apache.org/viewvc/sling/trunk/bundles/auth/core/src/main/java/org/apache/sling/auth/core/impl/SlingAuthenticator.java?rev=987126&r1=987125&r2=987126&view=diff
==============================================================================
---
sling/trunk/bundles/auth/core/src/main/java/org/apache/sling/auth/core/impl/SlingAuthenticator.java
(original)
+++
sling/trunk/bundles/auth/core/src/main/java/org/apache/sling/auth/core/impl/SlingAuthenticator.java
Thu Aug 19 11:06:11 2010
@@ -39,6 +39,7 @@ import org.apache.sling.api.resource.Res
import org.apache.sling.api.resource.ResourceResolverFactory;
import org.apache.sling.auth.core.AuthenticationSupport;
import
org.apache.sling.auth.core.impl.engine.EngineAuthenticationHandlerHolder;
+import org.apache.sling.auth.core.spi.AbstractAuthenticationHandler;
import org.apache.sling.auth.core.spi.AuthenticationFeedbackHandler;
import org.apache.sling.auth.core.spi.AuthenticationHandler;
import org.apache.sling.auth.core.spi.AuthenticationInfo;
@@ -336,39 +337,40 @@ public class SlingAuthenticator implemen
try
{
- // 1. Ask all authentication handlers to try to extract
credentials
+ // 1. Ask all authentication handlers to try to extract credentials
authInfo = getAuthenticationInfo(request, response);
-
+
// 2. Check Credentials
- if (authInfo == AuthenticationInfo.DOING_AUTH) {
-
- log.debug("handleSecurity: ongoing authentication in the
handler");
- return false;
-
- } else if (authInfo == AuthenticationInfo.FAIL_AUTH) {
-
- log.debug("handleSecurity: Credentials present but not
valid, request authentication again");
- // FIXME: ensure resource is not set !!!
- request.setAttribute(LOGIN_RESOURCE,
request.getRequestURI());
- doLogin(request, response);
- return false;
-
- } else if (authInfo == null) {
- // create an empty authentication info object which can be
used with the post processors
- AuthenticationInfo anonInfo = new
AuthenticationInfo("anonymous");
- postProcess(anonInfo, request, response);
-
- log.debug("handleSecurity: No credentials in the request,
anonymous");
- return getAnonymousResolver(request, response);
-
- } else {
-
- log.debug("handleSecurity: Trying to get a session for {}",
- authInfo.getUser());
- return getResolver(request, response, authInfo);
-
- }
+ if (authInfo == AuthenticationInfo.DOING_AUTH) {
+
+ log.debug("handleSecurity: ongoing authentication in the handler");
+ return false;
+
+ } else if (authInfo == AuthenticationInfo.FAIL_AUTH) {
+
+ log.debug("handleSecurity: Credentials present but not valid,
request authentication again");
+ request.setAttribute(LOGIN_RESOURCE,
+ AbstractAuthenticationHandler.getLoginResource(request,
+ request.getRequestURI()));
+ doLogin(request, response);
+ return false;
+
+ } else if (authInfo == null) {
+ // create an empty authentication info object which can be used
with the post processors
+ AuthenticationInfo anonInfo = new AuthenticationInfo("anonymous");
+ postProcess(anonInfo, request, response);
+
+ log.debug("handleSecurity: No credentials in the request,
anonymous");
+ return getAnonymousResolver(request, response);
+
+ } else {
+
+ log.debug("handleSecurity: Trying to get a session for {}",
+ authInfo.getUser());
+ return getResolver(request, response, authInfo);
+
}
+ }
catch ( LoginException e )
{
if ( authInfo != null ) {
