Author: enorman
Date: Tue Mar 29 06:36:23 2011
New Revision: 1086496
URL: http://svn.apache.org/viewvc?rev=1086496&view=rev
Log:
SLING-1847 Redirect after logout does not work with form authentication (+unit
test)
Added:
sling/trunk/launchpad/integration-tests/src/main/java/org/apache/sling/launchpad/webapp/integrationtest/login/RedirectOnLogoutTest.java
(with props)
Modified:
sling/trunk/bundles/auth/form/src/main/java/org/apache/sling/auth/form/impl/FormAuthenticationHandler.java
sling/trunk/launchpad/testing-war/pom.xml
sling/trunk/launchpad/testing/pom.xml
Modified:
sling/trunk/bundles/auth/form/src/main/java/org/apache/sling/auth/form/impl/FormAuthenticationHandler.java
URL:
http://svn.apache.org/viewvc/sling/trunk/bundles/auth/form/src/main/java/org/apache/sling/auth/form/impl/FormAuthenticationHandler.java?rev=1086496&r1=1086495&r2=1086496&view=diff
==============================================================================
---
sling/trunk/bundles/auth/form/src/main/java/org/apache/sling/auth/form/impl/FormAuthenticationHandler.java
(original)
+++
sling/trunk/bundles/auth/form/src/main/java/org/apache/sling/auth/form/impl/FormAuthenticationHandler.java
Tue Mar 29 06:36:23 2011
@@ -457,31 +457,34 @@ public class FormAuthenticationHandler e
refreshAuthData(request, response, authInfo);
final boolean result;
- if (DefaultAuthenticationFeedbackHandler.handleRedirect(
- request, response)) {
-
- // terminate request, all done in the default handler
- result = false;
-
- } else {
-
- // check whether redirect is requested by the resource parameter
-
- final String resource = getLoginResource(request, null);
- if (resource != null) {
- try {
- response.sendRedirect(resource);
- } catch (IOException ioe) {
- log.error("Failed to send redirect to: " + resource, ioe);
- }
-
- // terminate request, all done
- result = true;
+ // SLING-1847: only consider a resource redirect if this is a POST
request
+ // to the j_security_check URL
+ if (REQUEST_METHOD.equals(request.getMethod())
+ &&
request.getRequestURI().endsWith(REQUEST_URL_SUFFIX)) {
+
+ if (DefaultAuthenticationFeedbackHandler.handleRedirect(request,
response)) {
+ // terminate request, all done in the default handler
+ result = false;
} else {
- // no redirect, hence continue processing
- result = false;
+ // check whether redirect is requested by the resource parameter
+ final String resource = getLoginResource(request, null);
+ if (resource != null) {
+ try {
+ response.sendRedirect(resource);
+ } catch (IOException ioe) {
+ log.error("Failed to send redirect to: " +
resource, ioe);
+ }
+
+ // terminate request, all done
+ result = true;
+ } else {
+ // no redirect, hence continue processing
+ result = false;
+ }
}
-
+ } else {
+ // no redirect, hence continue processing
+ result = false;
}
// no redirect
Added:
sling/trunk/launchpad/integration-tests/src/main/java/org/apache/sling/launchpad/webapp/integrationtest/login/RedirectOnLogoutTest.java
URL:
http://svn.apache.org/viewvc/sling/trunk/launchpad/integration-tests/src/main/java/org/apache/sling/launchpad/webapp/integrationtest/login/RedirectOnLogoutTest.java?rev=1086496&view=auto
==============================================================================
---
sling/trunk/launchpad/integration-tests/src/main/java/org/apache/sling/launchpad/webapp/integrationtest/login/RedirectOnLogoutTest.java
(added)
+++
sling/trunk/launchpad/integration-tests/src/main/java/org/apache/sling/launchpad/webapp/integrationtest/login/RedirectOnLogoutTest.java
Tue Mar 29 06:36:23 2011
@@ -0,0 +1,55 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.sling.launchpad.webapp.integrationtest.login;
+
+import java.util.ArrayList;
+import java.util.List;
+
+import javax.servlet.http.HttpServletResponse;
+
+import org.apache.commons.httpclient.Header;
+import org.apache.commons.httpclient.NameValuePair;
+import org.apache.commons.httpclient.methods.GetMethod;
+import org.apache.sling.commons.testing.integration.HttpTestBase;
+
+/** Verify that redirect to resource after logout works */
+public class RedirectOnLogoutTest extends HttpTestBase {
+ /**
+ * Test SLING-1847
+ * @throws Exception
+ */
+ public void testRedirectToResourceAfterLogout() throws Exception {
+ //login
+ List<NameValuePair> params = new ArrayList<NameValuePair>();
+ params.add(new NameValuePair("j_username", "admin"));
+ params.add(new NameValuePair("j_password", "admin"));
+ assertPostStatus(HTTP_BASE_URL + "/j_security_check",
HttpServletResponse.SC_MOVED_TEMPORARILY, params, null);
+
+ //...and then...logout with a resource redirect
+ String locationAfterLogout = SERVLET_CONTEXT +
"/system/sling/info.sessionInfo.json";
+ final GetMethod get = new GetMethod(HTTP_BASE_URL +
"/system/sling/logout");
+ NameValuePair [] logoutParams = new NameValuePair[1];
+ logoutParams[0] = new NameValuePair("resource", locationAfterLogout);
+ get.setQueryString(logoutParams);
+
+ get.setFollowRedirects(false);
+ final int status = httpClient.executeMethod(get);
+ assertEquals("Expected redirect",
HttpServletResponse.SC_MOVED_TEMPORARILY, status);
+ Header location = get.getResponseHeader("Location");
+ assertEquals(HTTP_BASE_URL + locationAfterLogout, location.getValue());
+ }
+}
Propchange:
sling/trunk/launchpad/integration-tests/src/main/java/org/apache/sling/launchpad/webapp/integrationtest/login/RedirectOnLogoutTest.java
------------------------------------------------------------------------------
svn:eol-style = native
Modified: sling/trunk/launchpad/testing-war/pom.xml
URL:
http://svn.apache.org/viewvc/sling/trunk/launchpad/testing-war/pom.xml?rev=1086496&r1=1086495&r2=1086496&view=diff
==============================================================================
--- sling/trunk/launchpad/testing-war/pom.xml (original)
+++ sling/trunk/launchpad/testing-war/pom.xml Tue Mar 29 06:36:23 2011
@@ -443,7 +443,7 @@
<dependency>
<groupId>org.apache.sling</groupId>
<artifactId>org.apache.sling.launchpad.integration-tests</artifactId>
- <version>1.0.0</version>
+ <version>1.0.1-SNAPSHOT</version>
<scope>test</scope>
</dependency>
Modified: sling/trunk/launchpad/testing/pom.xml
URL:
http://svn.apache.org/viewvc/sling/trunk/launchpad/testing/pom.xml?rev=1086496&r1=1086495&r2=1086496&view=diff
==============================================================================
--- sling/trunk/launchpad/testing/pom.xml (original)
+++ sling/trunk/launchpad/testing/pom.xml Tue Mar 29 06:36:23 2011
@@ -445,7 +445,7 @@
<dependency>
<groupId>org.apache.sling</groupId>
<artifactId>org.apache.sling.launchpad.integration-tests</artifactId>
- <version>1.0.0</version>
+ <version>1.0.1-SNAPSHOT</version>
<scope>test</scope>
</dependency>
